Submitted URL: http://capitaioneautonavigator.com/
Effective URL: https://xz-go.net/redirect-simple?ci=179&c=nl
Submission: On November 16 via api from US — Scanned from NL

Summary

This website contacted 5 IPs in 5 countries across 7 domains to perform 5 HTTP transactions. The main IP is 137.74.65.8, located in France and belongs to OVH, FR. The main domain is xz-go.net.
TLS certificate: Issued by R3 on October 30th 2021. Valid for: 3 months.
This is the only time xz-go.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.32.237.101 60781 (LEASEWEB-...)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 137.74.65.8 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 83.217.83.131 34762 (COMBELL-AS)
5 5
Domain Requested by
2 www.dierenwinkelxl.nl 1 redirects
2 capitaioneautonavigator.com 1 redirects
1 r.srvtrck.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xz-go.net
1 xz-go.net capitaioneautonavigator.com
1 p185689.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
5 8

This site contains no links.

Subject | Issuer | Validity | Valid
xz-go.net | R3 | 2021-10-30 - 2022-01-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
www.dierenwinkelxl.nl | Sectigo RSA Domain Validation Secure Server CA | 2021-10-10 - 2022-11-07 | a year

This page contains 1 frames:

Frame: https://www.dierenwinkelxl.nl/
Frame ID: 35C531063868E33A933C5471F5CC04E8
Requests: 5 HTTP requests in this frame

Page URL History

  1. http://capitaioneautonavigator.com/ Page URL
  2. http://capitaioneautonavigator.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNzA... HTTP 302
    https://mybetterdl.com/aS/feedclick?s=NnlfnMR-U-oMyc3UTKC97I8uDhK_8R6jIkJ5j20TtbiCp8E46DR1mzZTiQMvA... HTTP 302
    https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lro4Bzqt0qNJNKId4yj9-6uOfTXQ4LmhXJduQWGes2sZ... HTTP 302
    https://xz-go.net/redirect-simple?ci=179&c=nl Page URL

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 43 %
Domains: 7
Subdomains: 8
IPs: 5
Countries: 5
Transfer: 32 kB
Size: 32 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=f779c4255ef54138a53b055e08d79d6d&api_key=663b96b27e0606a326dc800d7f6ee8b3&site_id=8f7abf35c96c4d04b04ef2a5269b4419&dch=feed&ad_t=advertiser HTTP 302
  • http://www.dierenwinkelxl.nl/ HTTP 302
  • https://www.dierenwinkelxl.nl/

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
capitaioneautonavigator.com/
483 B
854 B
Document
General
Full URL
http://capitaioneautonavigator.com/
Protocol
HTTP/1.1
Server
212.32.237.101 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
483
content-type
text/html; charset=utf-8
date
Tue, 16 Nov 2021 00:13:31 GMT
server
nginx
Primary Request redirect-simple
xz-go.net/
Redirect Chain
  • http://capitaioneautonavigator.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYzNzAyODgxMSwiaWF0IjoxNjM3MDIxNjExLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycXJ0c3VzOXJhMWJzM...
  • https://mybetterdl.com/aS/feedclick?s=NnlfnMR-U-oMyc3UTKC97I8uDhK_8R6jIkJ5j20TtbiCp8E46DR1mzZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySLp7WzEZyY0OuJgxs4iewhBk62mhAGgs4gS41QDYTbhAEysjXg8JANJjEIILW_3V...
  • https://p185689.mybetterdl.com/adServe/domainClick?ai=tMxzWfm12Lro4Bzqt0qNJNKId4yj9-6uOfTXQ4LmhXJduQWGes2sZLiOr9tKGAzjxB83NhOMBEb7kKWKLwImi5S9AjIFwEg7_JtJJYHsvZxjJL__Kzg73_AXzXJe5ZDcDriuDoitzxFfzat...
  • https://xz-go.net/redirect-simple?ci=179&c=nl
2 KB
1 KB
Document
General
Full URL
https://xz-go.net/redirect-simple?ci=179&c=nl
Requested by
Host: capitaioneautonavigator.com
URL: http://capitaioneautonavigator.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.74.65.8 , France, ASN16276 (OVH, FR),
Reverse DNS
ip8.ip-137-74-65.eu
Software
nginx/1.10.3 /
Resource Hash
cd4e05bcd4b30495c49cdbfff76a01cca036192685921e3ce800e2cb97299d0e
Security Headers
Name Value
X-Frame-Options *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
http://capitaioneautonavigator.com/

Response headers

server
nginx/1.10.3
date
Tue, 16 Nov 2021 00:13:34 GMT
content-type
text/html; charset=UTF-8
x-frame-options
*
content-encoding
gzip

Redirect headers

server
nginx
date
Tue, 16 Nov 2021 00:13:34 GMT
content-length
0
location
https://xz-go.net/redirect-simple?ci=179&c=nl
css
fonts.googleapis.com/
417 B
826 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker&display=swap
Requested by
Host: xz-go.net
URL: https://xz-go.net/redirect-simple?ci=179&c=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07b0ae97bad7de658bbf4b1ca5302bf5e5224b9ef2b87ab52f7812fd81fac1c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://xz-go.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 00:13:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 16 Nov 2021 00:13:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Nov 2021 00:13:34 GMT
Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
fonts.gstatic.com/s/permanentmarker/v10/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/permanentmarker/v10/Fh4uPib9Iyv2ucM6pGQMWimMp004La2Cfw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Permanent+Marker&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4884fec2c73aa52a2461073c1b87d1ceb80f400520391b43f97ca7d3c39eeb24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xz-go.net
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 18:04:09 GMT
x-content-type-options
nosniff
age
22165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29564
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:51:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 15 Nov 2022 18:04:09 GMT
/
www.dierenwinkelxl.nl/
Redirect Chain
  • https://r.srvtrck.com/v1/redirect?type=linkId&id=f779c4255ef54138a53b055e08d79d6d&api_key=663b96b27e0606a326dc800d7f6ee8b3&site_id=8f7abf35c96c4d04b04ef2a5269b4419&dch=feed&ad_t=advertiser
  • http://www.dierenwinkelxl.nl/
  • https://www.dierenwinkelxl.nl/
0
0
Document
General
Full URL
https://www.dierenwinkelxl.nl/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
83.217.83.131 , Belgium, ASN34762 (COMBELL-AS, BE),
Reverse DNS
83.217.83.131.static.hosted.by.combell.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://xz-go.net/redirect-simple?ci=179&c=nl

Response headers

Server
nginx
Date
Tue, 16 Nov 2021 00:13:39 GMT
Content-Type
text/html; charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
strict-transport-security
max-age=31536000
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 16 Nov 2021 00:13:35 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
214
Connection
keep-alive
Location
https://www.dierenwinkelxl.nl/

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onbeforexrselect
function | reportError
boolean | originAgentCluster
object | scheduler

4 Cookies

Domain/Path Name / Value
.capitaioneautonavigator.com/ Name: sid
Value: 080b31e2-4672-11ec-994b-67467f459fd0
.mybetterdl.com/ Name: rhid
Value: 80111429877
.mybetterdl.com/ Name: loi
Value: ad_1117515_off_562868_aff_89990_cid_185689-CAPITAIONEAUTONAVIGATOR.COM_ts_1637021614
.srvtrck.com/ Name: ykuid
Value: f4fb7921995143b79264b6d9e8c07972