click1.email.pro-immigration.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf
Effective URL:
https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A
Submission: On August 15 via manual (August 15th 2023, 8:35:00 am UTC) from AO — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.email.pro-immigration.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 6th 2022. Valid for: a year.

This is the only time click1.email.pro-immigration.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:223... 2600:9000:223e:fc00:0:9845:40:93a1	16509 (AMAZON-02) (AMAZON-02)
8	4

5 74.214.203.11 (United States) 3 redirects

ASN14618 (AMAZON-AES, US)

click1.email.pro-immigration.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

8cd991.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:fc00:0:9845:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2r7cfber3va4h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pro-immigration.com 3 redirects click1.email.pro-immigration.com	12 KB
3	cloudfront.net d2r7cfber3va4h.cloudfront.net	57 KB
1	efeedbacktrk.com 8cd991.efeedbacktrk.com	466 B
0	facebook.net Failed connect.facebook.net Failed
8	4

	Domain	Requested by
5	click1.email.pro-immigration.com	3 redirects
3	d2r7cfber3va4h.cloudfront.net	click1.email.pro-immigration.com
1	8cd991.efeedbacktrk.com	click1.email.pro-immigration.com
0	connect.facebook.net Failed	click1.email.pro-immigration.com
8	4

This site contains no links.

Subject Issuer	Validity	Valid
click1.email.pro-immigration.com Go Daddy Secure Certificate Authority - G2	`2022-10-06` - `2023-11-07`	a year	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A
Frame ID: B9631FE7C3512DCABCB00727D8A19714
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RE: Have a look at this, 189045043

Page URL History Show full URLs

https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqk... Page URL
https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Page URL

Page Statistics

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

68 kB
Transfer

66 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf Page URL
https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://click1.email.pro-immigration.com/qmpvwyryqphtfqgrtvpqrtjmbdtprsgjfgpyrwstsnwp~vmffmgjjrhj.gif HTTP 302
https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027

Request Chain 4

https://click1.email.pro-immigration.com/amsykrgrztsnpzhgnytzgnvmwlntgdhvphtrgkdndbkp~vmffmgjjrhj.gif HTTP 302
https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3026

Request Chain 5

https://click1.email.pro-immigration.com/xdjpvkqkljstblrqtpjlqtndmctjqhrnbrjkqvhthgvj~vmffmgjjrhj.gif HTTP 302
https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ViewMessage.do click1.email.pro-immigration.com/	3 KB 3 KB	1420ms 120ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Tue, 15 Aug 2023 08:34:53 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET		all.js connect.facebook.net/en_US/	0 0

POST H/1.1	200 OK	Primary Request ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Show response click1.email.pro-immigration.com/	8 KB 8 KB	176ms 175ms	Document text/html	74.214.203.11 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `eb28a5d13b7a9bcfe755d6398c44df77939126ce208d166a556fa936b3a9d7c4` Request headers Content-Type application/x-www-form-urlencoded Origin https://click1.email.pro-immigration.com Referer https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html;charset=utf-8 Date Tue, 15 Aug 2023 08:34:54 GMT Keep-Alive timeout=60 Server Apache-Coyote/1.1 Transfer-Encoding chunked
GET H/1.1	200 OK	etztsjwjlzpfhlbwftzlwfvrkqfzwybvhbzjwsysszdhbr_kvslfsddtvdjlsphtddrtt_0.gif 8cd991.efeedbacktrk.com/	68 B 466 B	552ms 120ms	Image image/png	96.46.128.252 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://8cd991.efeedbacktrk.com/etztsjwjlzpfhlbwftzlwfvrkqfzwybvhbzjwsysszdhbr_kvslfsddtvdjlsphtddrtt_0.gif Requested by Host: click1.email.pro-immigration.com URL: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS www.efeedbacktrk.com Software sp / Resource Hash `2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11` Request headers accept-language de-DE,de;q=0.9 Referer https://click1.email.pro-immigration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Pragma no-cache Date Tue, 15 Aug 2023 08:34:54 GMT Server sp Content-Type image/png;charset=utf-8 Cache-Control private, max-age=0, no-cache, no-store, must-revalidate imagetoolbar no Connection Keep-Alive Keep-Alive timeout=60 Content-Length 68 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	3027 d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/ Redirect Chain https://click1.email.pro-immigration.com/qmpvwyryqphtfqgrtvpqrtjmbdtprsgjfgpyrwstsnwp~vmffmgjjrhj.gif https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027	19 KB 20 KB	471ms 411ms	Image image/png	2600:9000:223e:fc00:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027 Requested by Host: click1.email.pro-immigration.com URL: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Protocol H2 Server 2600:9000:223e:fc00:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `6b418701dac3478707892b2f076b2631ba61bdf4580a90c7495328dac0bafdbb` Request headers accept-language de-DE,de;q=0.9 Referer https://click1.email.pro-immigration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-amz-version-id DTOCUsuSoauN2WwiaA5ESSZX5AmCNlVS date Tue, 15 Aug 2023 08:34:56 GMT via 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront) last-modified Thu, 26 Nov 2020 10:35:08 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 etag "71915f622f667474c72518cc29819d5c" x-cache RefreshHit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 19768 x-amz-cf-id ZMrJSuxXSQXvWjP99o-SV9h4CPvmVA6AZ4bzNNPMNzxND8wCDqv0ag== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027 Date Tue, 15 Aug 2023 08:34:53 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3026 d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/ Redirect Chain https://click1.email.pro-immigration.com/amsykrgrztsnpzhgnytzgnvmwlntgdhvphtrgkdndbkp~vmffmgjjrhj.gif https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3026	17 KB 17 KB	80ms 28ms	Image image/png	2600:9000:223e:fc00:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3026 Requested by Host: click1.email.pro-immigration.com URL: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Protocol H2 Server 2600:9000:223e:fc00:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `be96c0afae3e910d81dadebeac71865f99d17f63424f4d5e85e9e3f6af8842e6` Request headers accept-language de-DE,de;q=0.9 Referer https://click1.email.pro-immigration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Tue, 15 Aug 2023 05:31:19 GMT x-amz-version-id V4wx5Hq5.Y1s3W0Myywt6rmRHp7fZXmH via 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront) last-modified Thu, 26 Nov 2020 10:35:08 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 age 11015 etag "fac96abb5dbb45b455e30f33fe0a7925" x-cache Hit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 17447 x-amz-cf-id M1MTQPGttGmMP_V8smlqfdqAcVgj4eM6fMsHZ7XetBMwzELX2ziQ1Q== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3026 Date Tue, 15 Aug 2023 08:34:53 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET H2	200	3027 d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/ Redirect Chain https://click1.email.pro-immigration.com/xdjpvkqkljstblrqtpjlqtndmctjqhrnbrjkqvhthgvj~vmffmgjjrhj.gif https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027	19 KB 20 KB	350ms 348ms	Image image/png	2600:9000:223e:fc00:0:9845:40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027 Requested by Host: click1.email.pro-immigration.com URL: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Protocol H2 Server 2600:9000:223e:fc00:0:9845:40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `6b418701dac3478707892b2f076b2631ba61bdf4580a90c7495328dac0bafdbb` Request headers accept-language de-DE,de;q=0.9 Referer https://click1.email.pro-immigration.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers x-amz-version-id DTOCUsuSoauN2WwiaA5ESSZX5AmCNlVS date Tue, 15 Aug 2023 08:34:56 GMT via 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront) last-modified Thu, 26 Nov 2020 10:35:08 GMT server AmazonS3 x-amz-cf-pop FRA56-P4 etag "71915f622f667474c72518cc29819d5c" x-cache Hit from cloudfront content-type IMAGE/png accept-ranges bytes content-length 19768 x-amz-cf-id hRvCKwi25p2hNQexzdlqRFZynxb84mhhmEAwPeQBaFVWwxog2C-kOg== Redirect headers Location https://d2r7cfber3va4h.cloudfront.net/42BCBD78-6D5C-47DC-A1F9-7C35A657BC23/3027 Date Tue, 15 Aug 2023 08:34:53 GMT Server Apache-Coyote/1.1 Connection Keep-Alive Keep-Alive timeout=60 Content-Length 0 Content-Type text/html;charset=utf-8
GET		all.js connect.facebook.net/en_US/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Domain: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.email.pro-immigration.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: EDCA9AC5BBD47E72A73407EF76A0B00A

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf Message: Mixed Content: The page at 'https://click1.email.pro-immigration.com/ViewMessage.do?a=view&m=ahykhskbl&q=1692077400&r=gnccntllwrl&s=blljlvmvkcbqkgmjckmsptzcmfgsqgcvmlf' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A Message: Mixed Content: The page at 'https://click1.email.pro-immigration.com/ViewMessage.do;jsessionid=D8E5E1E14571CFA0E8B6B02AD365672A' was loaded over HTTPS, but requested an insecure script 'http://connect.facebook.net/en_US/all.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8cd991.efeedbacktrk.com
click1.email.pro-immigration.com
connect.facebook.net
d2r7cfber3va4h.cloudfront.net
connect.facebook.net
2600:9000:223e:fc00:0:9845:40:93a1
74.214.203.11
96.46.128.252
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
6b418701dac3478707892b2f076b2631ba61bdf4580a90c7495328dac0bafdbb
be96c0afae3e910d81dadebeac71865f99d17f63424f4d5e85e9e3f6af8842e6
eb28a5d13b7a9bcfe755d6398c44df77939126ce208d166a556fa936b3a9d7c4

click1.email.pro-immigration.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

38 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

68 kBTransfer

66 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

click1.email.pro-immigration.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

68 kB
Transfer

66 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions