mailer.hdfcbank.com
Open in
urlscan Pro
2606:4700::6812:5e48
Public Scan
Effective URL: http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&...
Submission: On July 15 via manual from US
Summary
This is the only time mailer.hdfcbank.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 119.81.110.28 119.81.110.28 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
1 4 | 2606:4700::68... 2606:4700::6812:5e48 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
3 | 1 |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 1c.6e.5177.ip4.static.sl-reverse.com
resu.io |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
mailer.hdfcbank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
hdfcbank.com
1 redirects
mailer.hdfcbank.com |
17 KB |
2 |
resu.io
2 redirects
resu.io |
1004 B |
3 | 2 |
Domain | Requested by | |
---|---|---|
4 | mailer.hdfcbank.com |
1 redirects
mailer.hdfcbank.com
|
2 | resu.io | 2 redirects |
3 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.hdfcbank.com |
leads.hdfcbank.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
1970-01-01 - 1970-01-01 |
a few seconds | crt.sh |
This page contains 1 frames:
Primary Page:
http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&bid=F&cid=43757998-68a5-404e-b080-52c322e84da3&rid=W3TAA7&sid=dfa29283-11e7-4655-a399-c4b3c8c4b009&chl=sm&utm_source=RE&utm_medium=comm&utm_campaign=9RD
Frame ID: FC172B2AF7FBE1D2CE832C17085E3FDB
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://resu.io/WU7DW3TAA77C
HTTP 301
https://resu.io/WU7DW3TAA77C HTTP 302
http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a9... Page URL
-
http://mailer.hdfcbank.com/cdn-cgi/l/chk_jschl?s=a74dcb1c4bb41a55d7eced6a4e7a4905ce7150e0-1563186316-18...
HTTP 302
http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a9... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Unsubscribe
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://resu.io/WU7DW3TAA77C
HTTP 301
https://resu.io/WU7DW3TAA77C HTTP 302
http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&bid=F&cid=43757998-68a5-404e-b080-52c322e84da3&rid=W3TAA7&sid=dfa29283-11e7-4655-a399-c4b3c8c4b009&chl=sm&utm_source=RE&utm_medium=comm&utm_campaign=9RD Page URL
-
http://mailer.hdfcbank.com/cdn-cgi/l/chk_jschl?s=a74dcb1c4bb41a55d7eced6a4e7a4905ce7150e0-1563186316-1800-Aaqm1BWUV2lM5q2R2%2B6tjMqJgx0xo3OtN3pkXxXHSjizDdz7RMb3kfKt4k64QkipAaTBbkXQJFLi4XKTArsK%2BQtY8Phyk2uagoiKTcGuQO%2F1XoUPV18SR5fG3hLXkYD7h8n%2F1MkTp0o3C2v4bKstNt9%2FaZxAGHU43TMZZFpPhZK0AvwEPP3P9gmFgQdCMAfSxwF8punAxMxzxX22DXARS%2B%2F4RK9v5%2BHEcausFtaOwTDxfMbzz6CXWsM%2FtxBayAWhH0h5buVFbC%2FoGD46dvsITgFiP%2BDNkFsF%2BTgx2p6pm3rKNt9lkIKp9N%2F9NPB%2B3UbQRmlI4hHkRp0Xuwz59%2FVdVpGEWNghP4j3etQmyRW%2F%2BkclL0B960FBp851TJ3GMbRZjMHrQ8Tnacnhf2ygHgnN1X5050b8VRxY8j%2Fc32rGZIwnrK24fZQgvk0N32BcKecULw%3D%3D&jschl_vc=5f57a13aad4684da90f214a99255722e&pass=1563186320.244-ES4tHGy28N&jschl_answer=41.6479232023
HTTP 302
http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&bid=F&cid=43757998-68a5-404e-b080-52c322e84da3&rid=W3TAA7&sid=dfa29283-11e7-4655-a399-c4b3c8c4b009&chl=sm&utm_source=RE&utm_medium=comm&utm_campaign=9RD Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://resu.io/WU7DW3TAA77C HTTP 301
- https://resu.io/WU7DW3TAA77C HTTP 302
- http://mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/lp.html?did=cust_00b4e220_6121_4a93_a63f_d0848bd73506&bid=F&cid=43757998-68a5-404e-b080-52c322e84da3&rid=W3TAA7&sid=dfa29283-11e7-4655-a399-c4b3c8c4b009&chl=sm&utm_source=RE&utm_medium=comm&utm_campaign=9RD
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
lp.html
mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/ Redirect Chain
|
6 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
lp.html
mailer.hdfcbank.com/campaign/March19/Fraudulent_Remote_Access/ Redirect Chain
|
26 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gen_1.png
mailer.hdfcbank.com/campaign/May19/MutualFunds/NM/images/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hdfcbank.com/ | Name: cf_clearance Value: 6781e4e5520cfabaa915b2ce53c8ccf7572ca46c-1563186320-86400-150 |
|
.hdfcbank.com/ | Name: __cfduid Value: d8021c50319e9dec28bb17ea3accd97ad1563186316 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mailer.hdfcbank.com
resu.io
119.81.110.28
2606:4700::6812:5e48
2aa457e9b8e6df9e8c92811058a3bdcfe0fce3a86dbd7b93786bee61be5e5b1b
3b52021be25babcf0620458950650aa9be0ec08171c4aa3923ce7a7a6fa25cbd
df0dea7353db6ab472290dc2e5790d4a76de873379437444930803a1bac76083