![](/screenshots/775bcbf5-5c29-415e-8c0c-7d1559a0ad73.png)
pages.lyftmail.com
Open in
urlscan Pro
66.231.91.161
Public Scan
Effective URL: http://pages.lyftmail.com/page.aspx?QS=3935619f7de112ef7e67e5ff2181250913ba0d9bb603920fff10faecd85d36ce
Submission: On April 12 via automatic, source phishtank
Summary
This is the only time pages.lyftmail.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 66.231.91.161 66.231.91.161 | 22606 (EXACT-7) (EXACT-7 - ExactTarget) | |
4 | 66.231.91.47 66.231.91.47 | 22606 (EXACT-7) (EXACT-7 - ExactTarget) | |
9 | 2 |
ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: pages.virt.exacttarget.com
pages.lyftmail.com |
ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.virt.exacttarget.com
click.lyftmail.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
lyftmail.com
pages.lyftmail.com click.lyftmail.com |
27 KB |
9 | 1 |
Domain | Requested by | |
---|---|---|
5 | pages.lyftmail.com |
pages.lyftmail.com
|
4 | click.lyftmail.com |
pages.lyftmail.com
|
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://pages.lyftmail.com/page.aspx?QS=3935619f7de112ef7e67e5ff2181250913ba0d9bb603920fff10faecd85d36ce
Frame ID: 25907.1
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() pages.lyftmail.com/ Redirect Chain
|
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Logo.aspx
click.lyftmail.com/GraphicMaker/ |
807 B 807 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
headergradient.jpg
click.lyftmail.com/GraphicMaker/Login/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bar-end_left.gif
click.lyftmail.com/GraphicMaker/External/ |
56 B 56 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bar-end_right.gif
click.lyftmail.com/GraphicMaker/External/ |
57 B 57 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HttpRequest.js
pages.lyftmail.com/Script/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pageTracking.js
pages.lyftmail.com/Script/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
TrackingAjax.aspx
pages.lyftmail.com/ |
4 B 4 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
pages.lyftmail.com/ |
1 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pages.lyftmail.com/ | Name: ASP.NET_SessionId Value: pqqzxmiasurancx5df1e4r5g |
|
pages.lyftmail.com/ | Name: xt_0d95e Value: !wjrR43yU5jM/ugG+357i3qr2SbJ8bOBRv+h85gzIxRCIgP/evobwhIs1WTjEdqmEe5910gue6wVkZ/c= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.lyftmail.com
pages.lyftmail.com
66.231.91.161
66.231.91.47
2e06c9aa6bdd3f6f6ec0fbdae7eafc96d08e7d78d2560c4a314c4b5e253ebbc4
51eca32442a862d53435673050a4e4a1da5eacff53d3d5853e08218c43b8d05c
62312563199e897ee82621ae19996c3a2e5b1cba1f40be985bf9746d7b31221e
7b69dfb04b958dc476cef2862890909414a0705b1c0d6a884beb4eb32366961c
9246f122fea3478f2a7dc37d6b2b72f36f8d0cf2d5922e0037204532c4363fe5
98d11a4daf793110290cebd14b9f4822cf9afbc5cc3eff1968fb767ebdbdb6fd
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
e1ab635e5c1ff4697f1384cc8b808e625551ff74c9299d1f63dbfbf2d60b4564
e41aea70ff2d1f55e3df157020bc5e56c6b51539305c29dd18fc6ced55688163