urlscan.io logo urlscan.io
SecurityTrails logo

berndsbumstipps.net Open in urlscan Pro
146.255.37.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://getsomenow.appspot.com/cRrYiFtU5AcHeDsIeErnGBsX20poi6sHK2tIiyp3C6tHy2qTKzrnhAfXxBrEmLsohAuTODcHq1d0qzpnZIcHlAqHmDpoa1s3...
Effective URL: https://berndsbumstipps.net/mld/ll/email3/bernd/
Submission: On July 10 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 13 domains to perform 28 HTTP transactions. The main IP is 146.255.37.77, located in Netherlands and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is berndsbumstipps.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 29th 2018. Valid for: 2 years.
This is the only time berndsbumstipps.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
1 35.197.52.214 15169 (GOOGLE)
2 52.14.194.249 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 54.72.199.154 16509 (AMAZON-02)
1 1 31.186.170.69 50673 (SERVERIUS-AS)
4 4 18.235.230.47 14618 (AMAZON-AES)
1 146.255.37.77 26496 (AS-26496-...)
28 7
1    2a00:1450:4001:824::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
getsomenow.appspot.com
1    35.197.52.214 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 214.52.197.35.bc.googleusercontent.com
crossimplicationestablished.bid
2    52.14.194.249 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-14-194-249.us-east-2.compute.amazonaws.com
lltrk1.com
1    2a00:1450:4001:81b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    54.72.199.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com
www.heywhatsup.xyz
1    31.186.170.69 (Bussum, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
adiktivetrafficb.site
4    18.235.230.47 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-235-230-47.compute-1.amazonaws.com
turbotracker.net
1    146.255.37.77 (Netherlands)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-146-255-37-77.ip.secureserver.net
berndsbumstipps.net
Domain Requested by
4 turbotracker.net 4 redirects
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 lltrk1.com crossimplicationestablished.bid
lltrk1.com
1 berndsbumstipps.net lltrk1.com
berndsbumstipps.net
1 adiktivetrafficb.site 1 redirects
1 www.heywhatsup.xyz 1 redirects
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com lltrk1.com
1 crossimplicationestablished.bid
1 getsomenow.appspot.com 1 redirects
0 cdn.onesignal.com Failed berndsbumstipps.net
28 13

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
berndsbumstipps.net
Go Daddy Secure Certificate Authority - G2		 2018-06-29 -
2020-06-29		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://berndsbumstipps.net/mld/ll/email3/bernd/
Frame ID: 79CA6DB9056AC93296B68F90EA58F810
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://getsomenow.appspot.com/cRrYiFtU5AcHeDsIeErnGBsX20poi6sHK2tIiyp3C6tHy2qTKzrnhAfXxBrEmLsohAuTODcHq1d0... HTTP 302
    http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$m... Page URL
  2. http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SI... Page URL
  3. http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26... Page URL
  4. http://www.heywhatsup.xyz/aff_c?offer_id=1070&aff_id=1002 HTTP 302
    https://adiktivetrafficb.site/links/369/717/DE?website_url={{publisher_subaccount_id}}&source=VrumeDating HTTP 302
    http://turbotracker.net/in/mar2/ HTTP 302
    http://turbotracker.net/click.php?key=4k3nvlsxnsdmv9iul7xk&k=int2 HTTP 302
    http://turbotracker.net/flat/?p=0.30&s=mar2&k=x3ufrdid39ptaiw90iko&i=7a7a7g51zg6fef2f HTTP 302
    http://turbotracker.net/click.php?key=x3ufrdid39ptaiw90iko&s=mar2&p=0.3&c= HTTP 302
    https://berndsbumstipps.net/mld/ll/email3/bernd/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

28
Requests

18 %
HTTPS

50 %
IPv6

13
Domains

13
Subdomains

7
IPs

5
Countries

95 kB
Transfer

176 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://getsomenow.appspot.com/cRrYiFtU5AcHeDsIeErnGBsX20poi6sHK2tIiyp3C6tHy2qTKzrnhAfXxBrEmLsohAuTODcHq1d0qzpnZIcHlAqHmDpoa1s327tH_2s4dFhXyAuXGyrnB=pHO_cIdAeUhJdkx_hkRBeUlCekVGdDCMaXGHwjB HTTP 302
    http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D, Page URL
  2. http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail Page URL
  3. http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26aff_id%3D1002 Page URL
  4. http://www.heywhatsup.xyz/aff_c?offer_id=1070&aff_id=1002 HTTP 302
    https://adiktivetrafficb.site/links/369/717/DE?website_url={{publisher_subaccount_id}}&source=VrumeDating HTTP 302
    http://turbotracker.net/in/mar2/ HTTP 302
    http://turbotracker.net/click.php?key=4k3nvlsxnsdmv9iul7xk&k=int2 HTTP 302
    http://turbotracker.net/flat/?p=0.30&s=mar2&k=x3ufrdid39ptaiw90iko&i=7a7a7g51zg6fef2f HTTP 302
    http://turbotracker.net/click.php?key=x3ufrdid39ptaiw90iko&s=mar2&p=0.3&c= HTTP 302
    https://berndsbumstipps.net/mld/ll/email3/bernd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://getsomenow.appspot.com/cRrYiFtU5AcHeDsIeErnGBsX20poi6sHK2tIiyp3C6tHy2qTKzrnhAfXxBrEmLsohAuTODcHq1d0qzpnZIcHlAqHmDpoa1s327tH_2s4dFhXyAuXGyrnB=pHO_cIdAeUhJdkx_hkRBeUlCekVGdDCMaXGHwjB HTTP 302
  • http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,
Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=235961917&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26Britt%3D44818%26PERK%3Dgerardnijskens4%40hotmail.com%26SID%3D44818-A004515153%2C%2Chotmail&dr=http%3A%2F%2Fcrossimplicationestablished.bid%2F8h0k5zmt%2Ft%2Fr%2Ffd26bab7%2Fe%2Fgerardnijskens4%40hotmail.com%2Fs%2F44818-A004515153%2C%257B%24mv%257D%2C&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oGBAAUAB~&jid=40745215&gjid=1829667522&cid=1836800221.1562800614&tid=UA-109215160-2&_gid=2113737557.1562800614&_r=1&gtm=2ou6q1&z=1640637119 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_gid=2113737557.1562800614&gjid=1829667522&_v=j77&z=1640637119 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119&slf_rd=1&random=1675577641

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
44818-A004515153,%7B$mv%7D,
crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/
Redirect Chain
  • https://getsomenow.appspot.com/cRrYiFtU5AcHeDsIeErnGBsX20poi6sHK2tIiyp3C6tHy2qTKzrnhAfXxBrEmLsohAuTODcHq1d0qzpnZIcHlAqHmDpoa1s327tH_2s4dFhXyAuXGyrnB=pHO_cIdAeUhJdkx_hkRBeUlCekVGdDCMaXGHwjB
  • http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,
Protocol
HTTP/1.1
Server
35.197.52.214 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
214.52.197.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
3d2ac109a9e485d934a8fae36a99fbeac24690776c8e4706d6578c1a10fd6f40

Request headers

Host
crossimplicationestablished.bid
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 10 Jul 2019 23:16:49 GMT
content-type
text/html; charset=UTF-8
content-length
44892
connection
close
server
Apache

Redirect headers

status
302
location
http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,{$mv},
content-type
text/html
x-cloud-trace-context
f9fa58b7840d3170db7582c1d3687b4c
date
Wed, 10 Jul 2019 23:16:41 GMT
server
Google Frontend
content-length
0
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
fp.php
crossimplicationestablished.bid/images/ 		0
0
smart.track
lltrk1.com/ 		794 B
951 B 		Document
General
Check archive.org
Download Go to
Full URL
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
Requested by
Host: crossimplicationestablished.bid
URL: http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,
Protocol
HTTP/1.1
Server
52.14.194.249 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-14-194-249.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
96d8fc1061950ed674a0ac8a0b289820f493a288f997e09eae8d8963997f6521

Request headers

Host
lltrk1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://crossimplicationestablished.bid/8h0k5zmt/t/r/fd26bab7/e/gerardnijskens4@hotmail.com/s/44818-A004515153,%7B$mv%7D,

Response headers

Date
Wed, 10 Jul 2019 23:16:53 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
794
Connection
keep-alive
Server
Apache
js
www.googletagmanager.com/gtag/ 		65 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0dbbcd7b360c2a707356ac552c61914265c068a546f2fba561d756a0f65e2b52
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 10 Jul 2019 23:16:53 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2019 22:18:38 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25677
x-xss-protection
0
expires
Wed, 10 Jul 2019 23:16:53 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109215160-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
1785
date
Wed, 10 Jul 2019 22:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Thu, 11 Jul 2019 00:47:08 GMT
sanitize.go
lltrk1.com/ 		222 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26aff_id%3D1002
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
Protocol
HTTP/1.1
Server
52.14.194.249 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-14-194-249.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash
503b60ce1f1f48fedbcc3332077185438d1c43edd9c18cdcbd7e92446598c8e6

Request headers

Host
lltrk1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail

Response headers

Date
Wed, 10 Jul 2019 23:16:53 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
222
Connection
keep-alive
Server
Apache
collect
www.google-analytics.com/ 		35 B
116 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
Origin
http://lltrk1.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 Jul 2019 23:16:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
http://lltrk1.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=235961917&t=pageview&_s=1&dl=http%3A%2F%2Flltrk1.com%2Fsmart.track%3FVID%3D1%26AFID%3D21845%26Britt%3D44818%26PERK%3Dgerardnijskens4%40hotmai...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_gid=2113737557.1562800614&gjid=1829667522&_v=j77&z=1640637119
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119&slf_rd=1&random=1675577641
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119&slf_rd=1&random=1675577641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://lltrk1.com/smart.track?VID=1&AFID=21845&Britt=44818&PERK=gerardnijskens4@hotmail.com&SID=44818-A004515153,,hotmail
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Jul 2019 23:16:53 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Jul 2019 23:16:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-109215160-2&cid=1836800221.1562800614&jid=40745215&_v=j77&z=1640637119&slf_rd=1&random=1675577641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
berndsbumstipps.net/mld/ll/email3/bernd/
Redirect Chain
  • http://www.heywhatsup.xyz/aff_c?offer_id=1070&aff_id=1002
  • https://adiktivetrafficb.site/links/369/717/DE?website_url={{publisher_subaccount_id}}&source=VrumeDating
  • http://turbotracker.net/in/mar2/
  • http://turbotracker.net/click.php?key=4k3nvlsxnsdmv9iul7xk&k=int2
  • http://turbotracker.net/flat/?p=0.30&s=mar2&k=x3ufrdid39ptaiw90iko&i=7a7a7g51zg6fef2f
  • http://turbotracker.net/click.php?key=x3ufrdid39ptaiw90iko&s=mar2&p=0.3&c=
  • https://berndsbumstipps.net/mld/ll/email3/bernd/
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://berndsbumstipps.net/mld/ll/email3/bernd/
Requested by
Host: lltrk1.com
URL: http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26aff_id%3D1002
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
146.255.37.77 , Netherlands, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-146-255-37-77.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Host
berndsbumstipps.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26aff_id%3D1002
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://lltrk1.com/sanitize.go?url=http%3A%2F%2Fwww.heywhatsup.xyz%2Faff_c%3Foffer_id%3D1070%26aff_id%3D1002

Response headers

Date
Wed, 10 Jul 2019 23:17:01 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
7138
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 10 Jul 2019 23:17:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
uclick=g51zg6fe; expires=Thu, 11-Jul-2019 23:17:00 GMT; Max-Age=86400; path=/
Location
https://berndsbumstipps.net/mld/ll/email3/bernd/
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		0
0
style.css
berndsbumstipps.net/mld/ll/email3/bernd/css/ 		0
0
site.js
berndsbumstipps.net/mld/ll/email3/bernd/js/ 		0
0
BerndsBanner.gif
berndsbumstipps.net/mld/ll/email3/bernd/images/banners/ 		0
0
img1.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img2.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img3.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img4.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img5.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img6.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img7.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img8.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img9.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img10.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
ich.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/ 		0
0
img11.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img12.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
img13.jpg
berndsbumstipps.net/mld/ll/email3/bernd/images/2/ 		0
0
jquery-1.7.min.custom.js
berndsbumstipps.net/mld/ll/email3/bernd/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
crossimplicationestablished.bid
URL
http://crossimplicationestablished.bid/images/fp.php?e=M2IlLKWxozydp2gyoaZ0DTuiqT1unJjhL29g&p=f1439b81e3be8fb69f4190e8a272a827&r=004e5c79
Domain
cdn.onesignal.com
URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/css/style.css
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/js/site.js
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/banners/BerndsBanner.gif
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img1.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img2.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img3.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img4.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img5.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img6.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img7.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img8.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img9.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img10.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/ich.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img11.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img12.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/images/2/img13.jpg
Domain
berndsbumstipps.net
URL
https://berndsbumstipps.net/mld/ll/email3/bernd/jquery-1.7.min.custom.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies