Submitted URL: https://djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMg...
Effective URL: https://7htl5ppf1o.gunetakeru.tech/?email=
Submission: On February 08 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 7 HTTP transactions. The main IP is 149.100.138.182, located in and belongs to . The main domain is 7htl5ppf1o.gunetakeru.tech.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time 7htl5ppf1o.gunetakeru.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.65.230.173 13335 (CLOUDFLAR...)
1 2 2400:8500:130... 7506 (INTERQ GM...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:233... 15133 (EDGECAST)
1 37.120.234.46 9009 (M247)
1 149.100.138.182 ()
7 8
Apex Domain                   Subdomains                                      Transfer
2 eventsplc.click             eventsplc.click                                 8 KB
2 hubspotlinksfree.com        djz6vt04.eu1.hubspotlinksfree.com               3 KB
1 gunetakeru.tech             7htl5ppf1o.gunetakeru.tech                      34 KB
1 unitedarabemiratestube.com  rw6vpk.unitedarabemiratestube.com               531 B
1 msftauth.net                aadcdn.msftauth.net — Cisco Umbrella Rank: 903  17 KB
1 googleapis.com              fonts.googleapis.com — Cisco Umbrella Rank: 31  1 KB
1 cloudflare.com              cdnjs.cloudflare.com — Cisco Umbrella Rank: 223 28 KB
7 7
Domain Requested by
2 eventsplc.click 1 redirects djz6vt04.eu1.hubspotlinksfree.com
2 djz6vt04.eu1.hubspotlinksfree.com 1 redirects
1 7htl5ppf1o.gunetakeru.tech rw6vpk.unitedarabemiratestube.com
1 rw6vpk.unitedarabemiratestube.com eventsplc.click
1 aadcdn.msftauth.net eventsplc.click
1 fonts.googleapis.com eventsplc.click
1 cdnjs.cloudflare.com eventsplc.click
7 7

This site contains no links.

Subject                     Issuer                          Validity                 Valid
hubspotlinksfree.com        Cloudflare Inc ECC CA-3         2023-04-17 - 2024-04-16  a year
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3         2023-07-03 - 2024-07-02  a year
upload.video.google.com     GTS CA 1C3                      2024-01-09 - 2024-04-02  3 months
aadcdn.msftauth.net         DigiCert SHA2 Secure Server CA  2023-12-01 - 2024-12-01  a year
7htl5ppf1o.gunetakeru.tech  R3                              2024-01-25 - 2024-04-24  3 months

This page contains 1 frames:

Primary Page: https://7htl5ppf1o.gunetakeru.tech/?email=
Frame ID: 9DA0FC3132AC798042E86781FC5F27C6
Requests: 8 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

71 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

92 kB
Transfer

262 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04 Page URL
  2. https://djz6vt04.eu1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/DQ+113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04?_ud=1a34a5a0-aa54-4bbb-9701-d4e5032633db&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    http://eventsplc.click/093adspas/033oewa?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email HTTP 301
    http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email Page URL
  3. http://rw6vpk.unitedarabemiratestube.com/ Page URL
  4. https://7htl5ppf1o.gunetakeru.tech/?email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://djz6vt04.eu1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/DQ+113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04?_ud=1a34a5a0-aa54-4bbb-9701-d4e5032633db&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
  • http://eventsplc.click/093adspas/033oewa?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email HTTP 301
  • http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4...
djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/
8 KB
3 KB
Document
General
Full URL
https://djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.230.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
852543cdda0c3809-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 08 Feb 2024 16:31:46 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/event-tracking-td/envoy-proxy-7b89646b5c-b6cfv
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
01247cea-e9a1-4dd9-ac5d-aff54d9e9699
x-request-id
01247cea-e9a1-4dd9-ac5d-aff54d9e9699
x-robots-tag
none
/
eventsplc.click/093adspas/033oewa/
Redirect Chain
  • https://djz6vt04.eu1.hubspotlinksfree.com/events/public/v1/encoded/track/tc/DQ+113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8...
  • http://eventsplc.click/093adspas/033oewa?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=8252...
  • http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=825...
42 KB
8 KB
Document
General
Full URL
http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Requested by
Host: djz6vt04.eu1.hubspotlinksfree.com
URL: https://djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04
Protocol
HTTP/1.1
Server
2400:8500:1301:162::19:1 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1f73f96d504b4ebec42d4353c1745d866ef33e2ac322fb34c63f6c2fdd3988cb

Request headers

Referer
https://djz6vt04.eu1.hubspotlinksfree.com/Ctc/DQ%2B113/djZ6vt04/VVSYWZ6K82mqN5JhNN5w4jnMW6YVQGc59cZnkN44_Dbq3m2ndW7lCdLW6lZ3kDW7gS3Mc27jMgSW7mWL-N3055STN6bVhQ4wjxBhW5wt8wm1dXzs-W3Q2XqX43zNyNW3s-NnP6WhN0KW33s2sq8tTZVgN7bhBrVGtqpfN4dYdpnRwVvJW4297Tk5PzK1mW4DL3XS4QP99CN4xDRztDtQDnW3Y_0qW19Y3YTW3gyrDw3ymjw0W5gYYK-7DhswxW92RL9t8Zvpm9N6v7hKDBpCRgW8D87Cg1XnvScW2bsHjX7ZYjZyW5vyjpB3S6FmqW3ZM1PL9l1K4lN2QtcTBS4RC-V4SYDk4vt10YW1DSZhr8mq4zXf3FhJ8-04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
accept-ranges
bytes
content-encoding
gzip
content-length
7730
content-type
text/html
date
Thu, 08 Feb 2024 16:31:49 GMT
etag
"a62c-65c3bd18-dec9d2e4d08008e8;gz"
last-modified
Wed, 07 Feb 2024 17:25:44 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Thu, 08 Feb 2024 16:31:48 GMT
location
http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
server
LiteSpeed
vary
User-Agent
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: eventsplc.click
URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://eventsplc.click/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 08 Feb 2024 16:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6266015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPPQSFFNuTtDtqoQrd5qlZvKxjtMXkLWHlKo0k7%2BVhCuN40LwD2KA9Y6yg8LpJV33rBjVbV4j8bkauTyR3CXjq6LiXKthWZFwxlLSYVXBWAbOQHgksYSWRo7EOuNi4qu15AMQfAEaXe8BDwy7kc1YgQq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
852543de2b9d5d44-FRA
expires
Tue, 28 Jan 2025 16:31:49 GMT
css2
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: eventsplc.click
URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://eventsplc.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 16:31:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 16:11:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Feb 2024 16:31:49 GMT
favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/
17 KB
17 KB
Image
General
Full URL
https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Requested by
Host: eventsplc.click
URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6765) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://eventsplc.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 08 Feb 2024 16:31:49 GMT
content-md5
EuPayFgGHQiAI7K9SOL6lg==
age
15174958
x-cache
HIT
content-length
17174
x-ms-lease-status
unlocked
last-modified
Sun, 18 Oct 2020 03:02:30 GMT
server
ECAcc (frb/6765)
etag
0x8D8731240E548EB
content-type
image/x-icon
access-control-allow-origin
*
x-ms-request-id
997d0fea-501e-00ee-1da8-d0ed4c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://eventsplc.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
/
rw6vpk.unitedarabemiratestube.com/
323 B
531 B
Document
General
Full URL
http://rw6vpk.unitedarabemiratestube.com/
Requested by
Host: eventsplc.click
URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Protocol
HTTP/1.1
Server
37.120.234.46 Sydney, Australia, ASN9009 (M247, RO),
Reverse DNS
no-rdns.m247.com
Software
Apache /
Resource Hash

Request headers

Referer
http://eventsplc.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Feb 2024 16:31:51 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Primary Request /
7htl5ppf1o.gunetakeru.tech/
87 KB
34 KB
Document
General
Full URL
https://7htl5ppf1o.gunetakeru.tech/?email=
Requested by
Host: rw6vpk.unitedarabemiratestube.com
URL: http://rw6vpk.unitedarabemiratestube.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
149.100.138.182 -, , ASN (),
Reverse DNS
Software
Apache/2.4.57 (Unix) OpenSSL/1.1.1k / PHP/7.4.1
Resource Hash
39a86f79c5fcdd6c35447785077cf6702efed96cde8b8ac150e1cead94a7e649

Request headers

Referer
http://rw6vpk.unitedarabemiratestube.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
34583
Content-Type
text/html; charset=UTF-8
Date
Thu, 08 Feb 2024 16:31:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.57 (Unix) OpenSSL/1.1.1k
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.4.1


0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://eventsplc.click/093adspas/033oewa/?utm_medium=email&_hsmi=82526927&_hsenc=p2ANqtz-_dfSpDCXU4U7tb_jjPWuy3c_62LV0E-1pj_Vg5S6XY4dM8GGlRM5LNKMXYST63aPN-CzrDktbY9wVdNe7GA8EdJdRHyw&utm_content=82526927&utm_source=hs_email
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff