urlscan.io logo urlscan.io
SecurityTrails logo

login.customerportal.iqvia.com Open in urlscan Pro
162.44.200.9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clicktime.symantec.com/15siF8goa7QAtzBHXH6fh?h=s12k6YkUMYkG4z_FmIMGX8FkHa9zfbazORzrRiroj3U=&u=https://www.customerporta...
Effective URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Submission: On August 02 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 4 countries across 3 domains to perform 18 HTTP transactions. The main IP is 162.44.200.9, located in United States and belongs to IQVIA-CARLSTADT, US. The main domain is login.customerportal.iqvia.com. The Cisco Umbrella rank of the primary domain is 583932.
TLS certificate: Issued by Entrust Certification Authority - L1K on June 21st 2022. Valid for: a year.
This is the only time login.customerportal.iqvia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.229.24.120 16509 (AMAZON-02)
2 2 162.44.200.214 14948 (IQVIA-CAR...)
1 9 162.44.200.9 14948 (IQVIA-CAR...)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
18 3
1    54.229.24.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-24-120.eu-west-1.compute.amazonaws.com
clicktime.symantec.com
2    162.44.200.214 (United States)

ASN14948 (IQVIA-CARLSTADT, US)
PTR: arboranalytics.imshealth.com
www.customerportal.iqvia.com
9    162.44.200.9 (United States)

ASN14948 (IQVIA-CARLSTADT, US)
login.customerportal.iqvia.com
9    2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
Apex Domain
Subdomains		 Transfer
11 iqvia.com
www.customerportal.iqvia.com
login.customerportal.iqvia.com — Cisco Umbrella Rank: 583932
378 KB
10 typekit.net
use.typekit.net — Cisco Umbrella Rank: 641
p.typekit.net — Cisco Umbrella Rank: 759
209 KB
1 symantec.com
clicktime.symantec.com — Cisco Umbrella Rank: 42461
317 B
18 3
Domain Requested by
9 use.typekit.net login.customerportal.iqvia.com
9 login.customerportal.iqvia.com 1 redirects login.customerportal.iqvia.com
2 www.customerportal.iqvia.com 2 redirects
1 p.typekit.net login.customerportal.iqvia.com
1 clicktime.symantec.com 1 redirects
18 5

This site contains links to these domains. Also see Links.

Domain
www.iqvia.com
www.customerportal.iqvia.com
Subject Issuer Validity Valid
*.customerportal.iqvia.com
Entrust Certification Authority - L1K		 2022-06-21 -
2023-07-19		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Frame ID: C5FBBE6778A6C196F9A16F80C4BC5002
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IMS Health: Benutzer-Selbsthilfe

Page URL History Show full URLs

  1. https://clicktime.symantec.com/15siF8goa7QAtzBHXH6fh?h=s12k6YkUMYkG4z_FmIMGX8FkHa9zfbazORzrRiroj3U=&u=https... HTTP 307
    https://www.customerportal.iqvia.com/?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf HTTP 302
    https://www.customerportal.iqvia.com/sites/portal?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf HTTP 302
    https://login.customerportal.iqvia.com/EB2/User/CustomerLogin.aspx?TYPE=33554432&REALMOID=06-809931d6-4afe-4a15-8f9... HTTP 302
    https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

18
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

5
Subdomains

3
IPs

4
Countries

585 kB
Transfer

629 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.symantec.com/15siF8goa7QAtzBHXH6fh?h=s12k6YkUMYkG4z_FmIMGX8FkHa9zfbazORzrRiroj3U=&u=https://www.customerportal.iqvia.com/?uid%3Dassya.lisheva%40merckgroup.com%26valkey%3D7o5JJf HTTP 307
    https://www.customerportal.iqvia.com/?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf HTTP 302
    https://www.customerportal.iqvia.com/sites/portal?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf HTTP 302
    https://login.customerportal.iqvia.com/EB2/User/CustomerLogin.aspx?TYPE=33554432&REALMOID=06-809931d6-4afe-4a15-8f92-45225b556966&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-WVcxofMsQidZ8YOfxW9Bxy6EEVU0O4AIHYmzhKixJ8Fw9Ilv6L%2bU1J8F8jOwZSdL&TARGET=-SM-HTTP%3a%2f%2fwww%2ecustomerportal%2eiqvia%2ecom%2fsites%2fportal%3fuid%3dassya%2elisheva%40merckgroup%2ecom%26valkey%3d7o5JJf HTTP 302
    https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Validation_multiuse.aspx
login.customerportal.iqvia.com/EB2/User/
Redirect Chain
  • https://clicktime.symantec.com/15siF8goa7QAtzBHXH6fh?h=s12k6YkUMYkG4z_FmIMGX8FkHa9zfbazORzrRiroj3U=&u=https://www.customerportal.iqvia.com/?uid%3Dassya.lisheva%40merckgroup.com%26valkey%3D7o5JJf
  • https://www.customerportal.iqvia.com/?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf
  • https://www.customerportal.iqvia.com/sites/portal?uid=assya.lisheva@merckgroup.com&valkey=7o5JJf
  • https://login.customerportal.iqvia.com/EB2/User/CustomerLogin.aspx?TYPE=33554432&REALMOID=06-809931d6-4afe-4a15-8f92-45225b556966&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-WVcxofMsQidZ8YOfxW9...
  • https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
fb0a3c73f8f156e701db6e572167288e9cda7fc89d55637a057d8e32a4a94ac6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CP-Client-Type
external
Cache-Control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
4575
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Aug 2022 13:30:01 GMT
Expires
-1
Pragma
no-cache
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

CP-Client-Type
external
Cache-Control
no-cache
Content-Length
151
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Aug 2022 13:30:01 GMT
Expires
-1
Location
/EB2/User/Validation_multiuse.aspx
Pragma
no-cache
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
une7jbx.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/une7jbx.js
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a188aa879445a0d5c8b516190aee800c6f3b86faba7653bc00ea9e558bfe3ef9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 02 Aug 2022 13:30:01 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6895
jquery-ui.min.css
login.customerportal.iqvia.com/EB2/includes/ 		31 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.customerportal.iqvia.com/EB2/includes/jquery-ui.min.css
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c83248a6250e4cb6ecf12ec734fe3cd9219e0dfc5182229baf14d493bb82af3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jun 2022 07:55:34 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"1a7a0755681d81:0"
Vary
Accept-Encoding
CP-Client-Type
external
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9560
styles2016.css
login.customerportal.iqvia.com/EB2/includes/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.customerportal.iqvia.com/EB2/includes/styles2016.css
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87c0447feba6efe569d80de431fb6753d1b52d2ed1d2b1decc6065c4a0b74b10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Apr 2018 15:33:38 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0f5b61c3dded31:0"
Vary
Accept-Encoding
CP-Client-Type
external
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3256
jquery-3.6.0.min.js
login.customerportal.iqvia.com/EB2/includes/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.customerportal.iqvia.com/EB2/includes/jquery-3.6.0.min.js
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Last-Modified
Thu, 16 Jun 2022 02:47:58 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"b32eea7c2b81d81:0"
CP-Client-Type
external
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
89501
jquery-ui.min.js
login.customerportal.iqvia.com/EB2/includes/ 		249 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.customerportal.iqvia.com/EB2/includes/jquery-ui.min.js
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
41b15f15b0a6fcc020aa8337e375465ce579b384d78cd2eb1e090bf539f3d161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Last-Modified
Wed, 15 Jun 2022 20:54:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"01c4a26fa80d81:0"
CP-Client-Type
external
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
255077
logo_ims_health.png
login.customerportal.iqvia.com/EB2/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.customerportal.iqvia.com/EB2/images/logo_ims_health.png
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d35c0932c13cc7e1592ca14fa9dc294707b5e4239cba8ec51dec5ccedf19e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Last-Modified
Mon, 06 Nov 2017 09:27:12 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"098fc6ce156d31:0"
CP-Client-Type
external
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19774
Expires
Tue, 19 Jan 2038 03:14:07 GMT
ImsCustomerPortal.png
login.customerportal.iqvia.com/EB2/images/ 		334 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.customerportal.iqvia.com/EB2/images/ImsCustomerPortal.png
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
daedf9a84c2089f71239b848fb96b5d6f292d4863839a9511787f708593a9df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Last-Modified
Sun, 17 Jan 2016 22:11:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0c71bfd7351d11:0"
Vary
Accept-Encoding
CP-Client-Type
external
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
334
Expires
Tue, 19 Jan 2038 03:14:07 GMT
IMSHportal_FAQ_icon.png
login.customerportal.iqvia.com/EB2/images/ 		431 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.customerportal.iqvia.com/EB2/images/IMSHportal_FAQ_icon.png
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.44.200.9 , United States, ASN14948 (IQVIA-CARLSTADT, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fb44829adabc365c1b6d7635eb8cbe37716e387875d94041aa615e5fd33c914a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Tue, 02 Aug 2022 13:30:01 GMT
Last-Modified
Sun, 17 Jan 2016 22:11:52 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"0c45f117451d11:0"
Vary
Accept-Encoding
CP-Client-Type
external
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
431
Expires
Tue, 19 Jan 2038 03:14:07 GMT
l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=n7&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ed2e29584852ddd577b79a24f09cd861438b5d8ed8c7e61acbfb5fc33f1e1792

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"33ddaa1c1b72d2239317fecd207e502ddad65e39"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32140
l
use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=i7&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
826d2ecba066af7a067bdcb95ad8124fa60421dd6c0281ae097b5c4aee8b91d6

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"9df3648035d330e11c0f3196039b8ca7cd9f2c36"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33104
l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=n4&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
341716223bf5b3d0ae125a308b229c36cad6f9c2bbb72b850962d4a1d3963308

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"7018bfc1b06887b27719bddc52c32efdfc3576ca"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30996
l
use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=i4&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
040f91780640e92db18f18b0ee54a7bf8555649b6015dbc768e848364045eb6b

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"816d711c520652992fc6295096eec1be3eb80908"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31996
l
use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=n3&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
630da96d347d4df94b794d43bddd2ce819f89a28d7d06f402d55b6b2ecdb6e17

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"591633a66cbc0104775ed12bfc08d11221feed2c"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31004
l
use.typekit.net/af/dacbbb/000000000000000000014a3f/27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/dacbbb/000000000000000000014a3f/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=n7&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f5c256353f96e27ec5593433db1a9354b0b5df089f0cfb9b378bef53f6a63e6a

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"1dde4e744bce71727d5cfbe7790e36d37c1a1f57"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15400
l
use.typekit.net/af/c19086/000000000000000000014a3b/27/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/c19086/000000000000000000014a3b/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=n3&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8763a504afff746a720d3b0d9da44e9d1397ee23854ab8d1722fadd12a658889

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"9f61016710eb36d451a24be73d2ed6175f146c27"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14196
l
use.typekit.net/af/59af34/000000000000000000014a3d/27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/59af34/000000000000000000014a3d/27/l?primer=56c14ca7a0d192f103c3949da504100f25781c0ed61318b4ae635e6bdff6594b&fvd=i4&v=3
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5e3e8a6c31e8a801063c3315663d788b26116becf56fa8ec4f8f20e3967d7f3b

Request headers

Referer
https://login.customerportal.iqvia.com/
Origin
https://login.customerportal.iqvia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
server
nginx
etag
"46900403fb4fac072491a95bc78644d8bb09669a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16192
p.gif
p.typekit.net/ 		35 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=une7jbx&ht=tk&h=login.customerportal.iqvia.com&f=139.140.175.176.5474.15759.15761.22737&a=676480&js=1.21.0&app=typekit&e=js&_=1659447002410
Requested by
Host: login.customerportal.iqvia.com
URL: https://login.customerportal.iqvia.com/EB2/User/Validation_multiuse.aspx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.customerportal.iqvia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:30:02 GMT
last-modified
Sat, 09 Oct 2021 06:43:10 GMT
server
nginx
etag
"616139fe-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Typekit function| $ function| jQuery object| theForm function| __doPostBack

7 Cookies

Domain/Path Name / Value
www.customerportal.iqvia.com/ Name: BIGipServertestportallive.imshealth.com_http_prod_pool
Value: rd1o00000000000000000000ffffa22cfef8o80
login.customerportal.iqvia.com/ Name: ASP.NET_SessionId
Value: xsmxzvrz3tcredahasf0jksc
login.customerportal.iqvia.com/ Name: RememberMe
Value: True
login.customerportal.iqvia.com/ Name: IMSHID
Value: assya.lisheva@merckgroup.com
login.customerportal.iqvia.com/ Name: OXID
Value: 438593
login.customerportal.iqvia.com/ Name: USER_TYPE
Value:
login.customerportal.iqvia.com/ Name: BIGipServertestwebsolutions.imshealth.com_http_prod_pool
Value: rd1o00000000000000000000ffffa22cfe08o80

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicktime.symantec.com
login.customerportal.iqvia.com
p.typekit.net
use.typekit.net
www.customerportal.iqvia.com
162.44.200.214
162.44.200.9
2a02:26f0:11a::6867:4868
2a02:26f0:3500:16::215:148f
54.229.24.120
040f91780640e92db18f18b0ee54a7bf8555649b6015dbc768e848364045eb6b
341716223bf5b3d0ae125a308b229c36cad6f9c2bbb72b850962d4a1d3963308
41b15f15b0a6fcc020aa8337e375465ce579b384d78cd2eb1e090bf539f3d161
5e3e8a6c31e8a801063c3315663d788b26116becf56fa8ec4f8f20e3967d7f3b
630da96d347d4df94b794d43bddd2ce819f89a28d7d06f402d55b6b2ecdb6e17
826d2ecba066af7a067bdcb95ad8124fa60421dd6c0281ae097b5c4aee8b91d6
8763a504afff746a720d3b0d9da44e9d1397ee23854ab8d1722fadd12a658889
87c0447feba6efe569d80de431fb6753d1b52d2ed1d2b1decc6065c4a0b74b10
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d35c0932c13cc7e1592ca14fa9dc294707b5e4239cba8ec51dec5ccedf19e53
a188aa879445a0d5c8b516190aee800c6f3b86faba7653bc00ea9e558bfe3ef9
c83248a6250e4cb6ecf12ec734fe3cd9219e0dfc5182229baf14d493bb82af3c
daedf9a84c2089f71239b848fb96b5d6f292d4863839a9511787f708593a9df6
ed2e29584852ddd577b79a24f09cd861438b5d8ed8c7e61acbfb5fc33f1e1792
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f5c256353f96e27ec5593433db1a9354b0b5df089f0cfb9b378bef53f6a63e6a
fb0a3c73f8f156e701db6e572167288e9cda7fc89d55637a057d8e32a4a94ac6
fb44829adabc365c1b6d7635eb8cbe37716e387875d94041aa615e5fd33c914a