Submitted URL: https://vickcartyshow.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRmdldHZjaWMuY29tJTJGZW1haWwyJTNGdXRtX3NvdXJjZSUzRE...
Effective URL: http://vickcarty2014.qltrk.com/qlick/blocked
Submission Tags: falconsandbox
Submission: On February 16 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 13 HTTP transactions. The main IP is 167.235.217.27, located in Germany and belongs to HETZNER-AS, DE. The main domain is vickcarty2014.qltrk.com.
This is the only time vickcarty2014.qltrk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.199.163.31 14618 (AMAZON-AES)
1 2 35.240.1.10 396982 (GOOGLE-CL...)
1 103.224.182.253 133618 (TRELLIAN-...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2400:52e0:1e0... 200325 (BUNNYCDN)
1 52.44.103.236 14618 (AMAZON-AES)
1 3 167.235.217.27 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
13 7
Apex Domain
Subdomains
Transfer
4 convertri.com
cdn.convertri.com — Cisco Umbrella Rank: 158674
snowplow.convertri.com — Cisco Umbrella Rank: 178420
177 KB
4 gstatic.com
fonts.gstatic.com
67 KB
3 qltrk.com
vickcarty2014.qltrk.com
119 KB
2 getvcic.com
getvcic.com
14 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 qlitrk.com
vickcarty2014.qlitrk.com
262 B
1 acemlnc.com
vickcartyshow.lt.acemlnc.com
352 B
13 7
Domain Requested by
4 fonts.gstatic.com getvcic.com
fonts.googleapis.com
3 vickcarty2014.qltrk.com 1 redirects
3 cdn.convertri.com getvcic.com
2 getvcic.com 1 redirects
1 fonts.googleapis.com vickcarty2014.qltrk.com
1 snowplow.convertri.com getvcic.com
1 vickcarty2014.qlitrk.com getvcic.com
1 vickcartyshow.lt.acemlnc.com 1 redirects
13 8

This site contains links to these domains.

Domain
qliker.io
Subject Issuer Validity Valid
getvcic.com R3 2023-02-15 - 2023-05-16 3 months
bradswoodworkandmore.com R3 2023-01-27 - 2023-04-27 3 months
*.gstatic.com GTS CA 1C3 2023-02-01 - 2023-04-26 3 months
cdn.convertri.com R3 2023-01-16 - 2023-04-16 3 months
snowplow.convertri.com Amazon RSA 2048 M01 2023-01-25 - 2024-02-24 a year
upload.video.google.com GTS CA 1C3 2023-02-01 - 2023-04-26 3 months

This page contains 1 frames:

Primary Page: http://vickcarty2014.qltrk.com/qlick/blocked
Frame ID: BCB1664C8127369B3B7F984D5DC3685F
Requests: 13 HTTP requests in this frame

Page Title

Access BLOCKED

Page URL History

  1. https://vickcartyshow.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRmdldHZjaWMuY29tJTJGZW1haWwyJT... HTTP 302
    http://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F... HTTP 307
    https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F... Page URL
  2. http://vickcarty2014.qltrk.com/l/dp2 HTTP 302
    http://vickcarty2014.qltrk.com/qlick/blocked Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13 Requests
85 % HTTPS
38 % IPv6
7 Domains
8 Subdomains
7 IPs
5 Countries
376 kB Transfer
812 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vickcartyshow.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRmdldHZjaWMuY29tJTJGZW1haWwyJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NvbnRlbnQlM0RMQVNUJTJCQ0hBTkNFLSUyNUYwJTI1OUYlMjU5MiUyNUIyJTJCJTI1MjhQZW5kaW5nJTJCUGF5bWVudHMlMjUyOSUyQldoZXJlJTJCZG8lMkJJJTJCc2VuZCUyQnlvdXIlMjVGMCUyNTlGJTI1OTIlMjVCMjc1MDAlMkJhZmZpbGlhdGUtcGF5bWVudCUyQmxpbmslMkIlMjUyOEV4cGlyaW5nJTJCJTI1MjklMjZ1dG1fY2FtcGFpZ24lM0RKYW4lMkIyNiUyQjklMkJwbQ%3D%3D&sig=GER4XTmrWp9KgE9MU8ZgBb9NJYgcw1WFeJzNK1AWLGa1&iat=1674747182&a=%7C%7C650873515%7C%7C&account=vickcartyshow.activehosted.com&email=oPIn8rb8sXfresXT4cYSWQ%3D%3D&s=ff77cac76460fe3d5b33993dc0ce16c5&i=3057A3270A9A11205 HTTP 302
    http://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm HTTP 307
    https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm Page URL
  2. http://vickcarty2014.qltrk.com/l/dp2 HTTP 302
    http://vickcarty2014.qltrk.com/qlick/blocked Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vickcartyshow.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRmdldHZjaWMuY29tJTJGZW1haWwyJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NvbnRlbnQlM0RMQVNUJTJCQ0hBTkNFLSUyNUYwJTI1OUYlMjU5MiUyNUIyJTJCJTI1MjhQZW5kaW5nJTJCUGF5bWVudHMlMjUyOSUyQldoZXJlJTJCZG8lMkJJJTJCc2VuZCUyQnlvdXIlMjVGMCUyNTlGJTI1OTIlMjVCMjc1MDAlMkJhZmZpbGlhdGUtcGF5bWVudCUyQmxpbmslMkIlMjUyOEV4cGlyaW5nJTJCJTI1MjklMjZ1dG1fY2FtcGFpZ24lM0RKYW4lMkIyNiUyQjklMkJwbQ%3D%3D&sig=GER4XTmrWp9KgE9MU8ZgBb9NJYgcw1WFeJzNK1AWLGa1&iat=1674747182&a=%7C%7C650873515%7C%7C&account=vickcartyshow.activehosted.com&email=oPIn8rb8sXfresXT4cYSWQ%3D%3D&s=ff77cac76460fe3d5b33993dc0ce16c5&i=3057A3270A9A11205 HTTP 302
  • http://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm HTTP 307
  • https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
email2
getvcic.com/
Redirect Chain
  • https://vickcartyshow.lt.acemlnc.com/Prod/link-tracker?redirectUrl=aHR0cCUzQSUyRiUyRmdldHZjaWMuY29tJTJGZW1haWwyJTNGdXRtX3NvdXJjZSUzREFjdGl2ZUNhbXBhaWduJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NvbnRlbn...
  • http://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expir...
  • https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expi...
88 KB
13 KB
Document
General
Full URL
https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.1.240.35.bc.googleusercontent.com
Software
/
Resource Hash
5b4d3095a41bc149e6d18c7e3cd5d1e175d01966c5802423482b27482e4d2757

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Feb 2023 09:47:19 GMT
vary
Accept-Encoding

Redirect headers

Content-Length
278
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Feb 2023 09:47:19 GMT
Location
https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Vary
Accept-Encoding
engage
vickcarty2014.qlitrk.com/t/pixel/
0
262 B
Image
General
Full URL
https://vickcarty2014.qlitrk.com/t/pixel/engage?u=34427&att=2&ref=
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.253 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-253.above.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getvcic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:47:20 GMT
server
Apache/2.4.38 (Debian)
connection
close
content-length
0
content-type
text/html; charset=UTF-8
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v29/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getvcic.com/
Origin
https://getvcic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20778
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:05:25 GMT
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v29/
35 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getvcic.com/
Origin
https://getvcic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:26:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20743
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 09:26:33 GMT
jquery-1.12.2.min.js
cdn.convertri.com/
382 KB
113 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2022-02-15-08-58-02
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
2bd8746c9641b9c1ec49b8972f313c64e94a011686f54f00214b29b577aeec48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getvcic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:47:19 GMT
content-encoding
br
cdn-edgestorageid
1075
x-amz-request-id
QMX3340T38Q5SS3H
cdn-cachedat
02/14/2023 09:47:31
cdn-pullzone
408079
x-amz-id-2
Z0vw6VrRuZboXg/W5JiAA87Mz2HVOnyXqLT09uyeCcnSLMYEdQHLilhpCnWOwBl+2FFo49pnSwc=
last-modified
Tue, 14 Feb 2023 09:33:21 GMT
server
BunnyCDN-DE1-865
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"c4cbe07d3b67b50d7092f2e853c50a49"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=604800
cdn-requestid
70ba82cdab7197692515fe00bc107d8e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
cdn.min.css
cdn.convertri.com/
64 KB
9 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2022-02-15-08-58-02
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
59fe8ac9c8c9cd319fcdc14f91530aad33e7ad2cc421caaeccc9f1c1cf8ebf32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getvcic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:47:19 GMT
content-encoding
br
cdn-edgestorageid
722
x-amz-request-id
741KZERGBDD6NC1F
cdn-cachedat
02/14/2023 09:47:31
cdn-pullzone
408079
x-amz-id-2
MglIZEV3nfvUUf9Ju0LZ9dZ15m1JYWpdiMZauYpBLzPIJbul8ryphWUm1GZHVu3iG2Yzno956Cs=
last-modified
Tue, 14 Feb 2023 09:33:24 GMT
server
BunnyCDN-DE1-865
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"b0d55c9bb284b269b2781a94102dffbf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=604800
cdn-requestid
8482928e7fdf19d5bf7307644facbf65
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
i
snowplow.convertri.com/
43 B
337 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1676540839722&e=pv&url=https%3A%2F%2Fgetvcic.com%2Femail2%3Futm_source%3DActiveCampaign%26utm_medium%3Demail%26utm_content%3DLAST%2BCHANCE-%25F0%259F%2592%25B2%2B%2528Pending%2BPayments%2529%2BWhere%2Bdo%2BI%2Bsend%2Byour%25F0%259F%2592%25B27500%2Baffiliate-payment%2Blink%2B%2528Expiring%2B%2529%26utm_campaign%3DJan%2B26%2B9%2Bpm&page=DP2&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=9fca2b95-9b3d-4f1c-8018-5dee83fbda52&dtm=1676540839721&vp=1600x1200&ds=1600x1200&vid=1&sid=1587895d-4567-4c84-b8c1-a60a6f940fef&duid=fc899651-8d1c-4459-9a88-661e8d68fcfb&fp=3469908396
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.103.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-103-236.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getvcic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Feb 2023 09:47:20 GMT
access-control-allow-credentials
true
content-type
image/gif
server
spray-can/1.3.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Loading-gif-transparent-background-11.gif
cdn.convertri.com/57bbabe0-d77a-11e8-bb43-0602f87a6cd8/588f69956db2bc788859c4377b55a198d8c82bee/
55 KB
55 KB
Image
General
Full URL
https://cdn.convertri.com/57bbabe0-d77a-11e8-bb43-0602f87a6cd8/588f69956db2bc788859c4377b55a198d8c82bee/Loading-gif-transparent-background-11.gif
Requested by
Host: getvcic.com
URL: https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::865:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-865 /
Resource Hash
523fb1e8e2c1aa3901a6559deac361e0adb3d9691ea891dd50b33a82c00aa1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getvcic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:47:19 GMT
cdn-edgestorageid
1080
x-amz-request-id
VF9D2JTB0CEDSHGR
cdn-cachedat
02/14/2023 09:47:31
cdn-pullzone
408079
content-length
55920
x-amz-id-2
+Z5TOzDUbHzbx/1ySnk5RFFIZYZUArYOtyCZ4upRvpkygNp7rY6chxRvWrm/gnEDzVC5IUoMqtc=
last-modified
Thu, 24 Jun 2021 10:43:56 GMT
server
BunnyCDN-DE1-865
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"feee6836dfa232b67affb91325e17782"
content-type
image/gif
cdn-cache
HIT
cdn-uid
aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cache-control
max-age=2419200
cdn-requestid
6f3fb5f25a81bf33b907204547ee4dc1
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
Primary Request blocked
vickcarty2014.qltrk.com/qlick/
Redirect Chain
  • http://vickcarty2014.qltrk.com/l/dp2
  • http://vickcarty2014.qltrk.com/qlick/blocked
4 KB
3 KB
Document
General
Full URL
http://vickcarty2014.qltrk.com/qlick/blocked
Protocol
HTTP/1.1
Server
167.235.217.27 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.217.235.167.clients.your-server.de
Software
nginx / PHP/7.4.33
Resource Hash
f476feb1e4da7a2366bb04e17dffac1381af347711ed71f5300922595b9c8c87

Request headers

Referer
https://getvcic.com/email2?utm_source=ActiveCampaign&utm_medium=email&utm_content=LAST+CHANCE-%F0%9F%92%B2+%28Pending+Payments%29+Where+do+I+send+your%F0%9F%92%B27500+affiliate-payment+link+%28Expiring+%29&utm_campaign=Jan+26+9+pm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 09:47:21 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-ratelimit-limit
200
x-ratelimit-remaining
199

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 09:47:21 GMT
location
http://vickcarty2014.qltrk.com/qlick/blocked
server
nginx
transfer-encoding
chunked
x-powered-by
PHP/7.4.33
x-ratelimit-limit
101
x-ratelimit-remaining
100
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: vickcarty2014.qltrk.com
URL: http://vickcarty2014.qltrk.com/qlick/blocked
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea82614bdb6e52ec00223af1796c40865428b4fe876f4e3455de396aa7048dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vickcarty2014.qltrk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 16 Feb 2023 09:47:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 09:33:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Feb 2023 09:47:21 GMT
404-bg2.jpg
vickcarty2014.qltrk.com/img/
114 KB
114 KB
Image
General
Full URL
http://vickcarty2014.qltrk.com/img/404-bg2.jpg
Protocol
HTTP/1.1
Server
167.235.217.27 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.27.217.235.167.clients.your-server.de
Software
nginx /
Resource Hash
02ef65197316ddb43f835968bedb2a88b94e9ba682245e2d5532aa221739a23b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vickcarty2014.qltrk.com/qlick/blocked
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 09:47:21 GMT
last-modified
Tue, 20 Sep 2022 14:51:55 GMT
server
nginx
accept-ranges
bytes
etag
"6329d38b-1c8fa"
content-length
116986
content-type
image/jpeg
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vickcarty2014.qltrk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 14:00:23 GMT
x-content-type-options
nosniff
age
157618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 14:00:23 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://vickcarty2014.qltrk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 00:28:56 GMT
x-content-type-options
nosniff
age
33505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 00:28:56 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| oncontentvisibilityautostatechange

6 Cookies

Domain/Path Name / Value
getvcic.com/ Name: _sp_ses.629e
Value: *
getvcic.com/ Name: _sp_id.629e
Value: fc899651-8d1c-4459-9a88-661e8d68fcfb.1676540840.1.1676540840.1676540840.1587895d-4567-4c84-b8c1-a60a6f940fef
.qltrk.com/ Name: ln
Value: eyJpdiI6InhqMC9YTHh0OGhCb1VNSUpUb0s5d3c9PSIsInZhbHVlIjoiL3RPNHZwWnR1K1ZkQUFyaWJ0a2FZWTFTODNkaWZOeGhrSmNreXl5dmJ2a0MyWUd3MnI3NnJaUld2ckoraEpjc0kwcitZZEtHK0g0OCthc3pBQ29wVWF6WG0rOUMwcjAyeStrd0QxR2Zab1E9IiwibWFjIjoiODNiMWJlMDk5OGJlM2RkZDM3NTE2OWY4YWUzNzJiNmEzM2QwYzNhMzhiZTUzNmE0MWZiYjAyNDE4NzdiMjg5NSJ9
vickcarty2014.qltrk.com/ Name: QLAPI
Value: 2e72c0089e023c2505817d30f3d40cbf|Y+37r|Y+37r
.qltrk.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlRvRXh1Q1JMQVFoeGRxZW5nWi91Unc9PSIsInZhbHVlIjoiT1VFS01kTE53QjRiQU9LWlNISk9ERDgwN0hqSEJCaUlwL2N2S0NPWTJFZXVjdUN3WEVUa0tkaVdLbUJCWXJmT3ByRzRybkxjUXU3Ky85RWpBcTYzQ1hCQ3ZIM1IwVmMvemEyMnBqN1FJbEFjc05RL1hoaDNpekgzOEYvZ29pbTUiLCJtYWMiOiJmMmU1OTA1NjA2ZGFmMzBlZTRkZjE2YWNkYjhkMWIwZjNjMWIzMWU1ZjJhYmEwMjgyMWVkMGVkNTQxMmNmY2Y4In0%3D
.qltrk.com/ Name: qlikersession
Value: eyJpdiI6IjZLRXh6Vm1KVHc1ZTJ1QlQ5cFA5d2c9PSIsInZhbHVlIjoiWW5VZ2xkMHI2Y3kyakwyWkdRYTdvWDh0dEpDbVBxOWtyZ0h0Ti93b3luRi9oL04xSFNheCszcE4xR1p1cEZDTmFkSTdqaUtBU1dBbHlHU0hYTGRSWEJmUW5mei9QTE0zRDZlZ0o2YklIaDNlMDNtNy9xNXMzVHgvZ1NuU3ZpNUQiLCJtYWMiOiI4NWJkZmZkODJiYjM2N2I4N2FhNmJjZTk4NGE1NThiYzhmNzE4NDIyZjM3N2ViOWZlNWNkNjJjMDE1N2RmY2NlIn0%3D