click.bobitstudios.com Open in urlscan Pro
2606:4700:20::681a:fcf Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/bd5f9e84?jwtH=eyJ0eXAiOiJKV1QiLCJ...
Effective URL:
https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&...
Submission: On January 12 via api (January 12th 2023, 9:26:45 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2606:4700:20::681a:fcf, located in United States and belongs to CLOUDFLARENET, US. The main domain is click.bobitstudios.com. The Cisco Umbrella rank of the primary domain is 342856.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.

This is the only time click.bobitstudios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:497f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:20:... 2606:4700:20::681a:fcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

1 2606:4700::6812:497f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

e.mail.worktruckonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:fcf (United States)

ASN13335 (CLOUDFLARENET, US)

click.bobitstudios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	bobitstudios.com click.bobitstudios.com — Cisco Umbrella Rank: 342856	93 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 950	6 KB
1	worktruckonline.com 1 redirects e.mail.worktruckonline.com — Cisco Umbrella Rank: 341219	2 KB
10	3

	Domain	Requested by
9	click.bobitstudios.com	click.bobitstudios.com static.cloudflareinsights.com
1	static.cloudflareinsights.com	click.bobitstudios.com
1	e.mail.worktruckonline.com	1 redirects
10	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Frame ID: D5962EF2B3CBED250E23ACFF006210CB
Requests: 7 HTTP requests in this frame

Frame: https://click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Frame ID: E504E24266F0450A85A4A456A6764B26
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

- My ASP.NET ApplicationError

Page URL History Show full URLs

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/bd5f9e84?jwtH... HTTP 302
https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewslette... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

100 kB
Transfer

300 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/bd5f9e84?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2NzM1NDY0NTcsImNkIjoiLm1haWwud29ya3RydWNrb25saW5lLmNvbSIsImNlIjo4NjQwMCwidGsiOiJ3b3JrLXRydWNrIiwibXRsSUQiOiI2M2JlY2Y5M2FjYmMwM2Q2YTYwMGJjNmQiLCJsaW5rVXJsIjoiaHR0cHM6XC9cL2NsaWNrLmJvYml0c3R1ZGlvcy5jb21cL2RmcGp1bXA_aXU9XC84Njg1NTUwMFwvcmlnaHQwNCZzej0xNjB4NjAwfDE2MHgzMDB8MTUweDMxNXwxODB4MTUwJnQ9ZW5ld3NsZXR0ZXI9d3Rfd2Vla2x5dGh1cnNkYXkmYz1bVElNRVNUQU1QXSZ1dG1fc291cmNlPW5ld3NsZXR0ZXImdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249MjAyMzAxMTJfMTY5NTo2M2JlY2Y1Y2VlMGM2Y2RkYmYwMjZhNzU6b3RfTkwtV1QtVGh1cnNkYXktMjAyMzAxMTImb21pZD0xMTAyMzc0NzcwJmNpZD02MzZjMjcwOTM2OTExODAzMGIwZTFhN2QifQ&jwtS=qmxRLuB6TShzwOaRLzwTSxa1w_8ak3wkO_FoGod7D_g HTTP 302
https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

500

Primary Request dfpjump Show response
click.bobitstudios.com/
Redirect Chain

https://e.mail.worktruckonline.com/c2/1695:63becf5cee0c6cddbf026a75:ot:636c2709369118030b0e1a7d:1/bd5f9e84?jwtH=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9&jwtP=eyJpYXQiOjE2NzM1NDY0NTcsImNkIjoiLm1haWw...
https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=2023...

4 KB
5 KB

239ms
202ms

Document
text/html

2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9c00319ec1c599f4eef9a3866166361c26b276fea574c86cef41fed01c5f85d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7888f8c2ce489b98-FRA
content-type: text/html; charset=utf-8
date: Thu, 12 Jan 2023 21:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52sEYAi5yJ1dSu0%2BeCZmUMh2nszljPSjxO2CyRUSCpfJIGS%2FAMNNdpnGpO7qQYUrFW1Jnhrzs4ih6rdJ96Rm%2BOVJBFbQDAzboB9d16p1Yjs4fHSTluxuBdw5cHm%2FFQLO7Zx%2F%2ByhNZTeZc9ARQXQj5ghJWSw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7888f8c14ae2914c-FRA
content-type: text/html; charset=UTF-8
date: Thu, 12 Jan 2023 21:26:39 GMT
location: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
server: cloudflare
strict-transport-security: max-age=15768000; includeSubDomains; preload;
x-content-type-options: nosniff
x-download-options: noopen
x-mcid: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjAsIm0iOiIxNjk1OjYzYmVjZjVjZWUwYzZjZGRiZjAyNmE3NTpvdDo2MzZjMjcwOTM2OTExODAzMGIwZTFhN2Q6MSJ9.DS7wn4jfk58-IbfiRfiPb0PNGgzXX9OzN71sywYkzIY
x-message-istest: 0
x-permitted-cross-domain-policies: none
x-request-id: 0da647ca7281285f15706b4b2199ae20
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 css
click.bobitstudios.com/Content/ 94 KB
17 KB 227ms
226ms Stylesheet
text/css 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/Content/css?v=MDbdFKJHBa_ctS5x4He1bMV0_RjRq8jpcIAvPpKiN6U1
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 860a914cab670fea26c4266bfec835c25783ec54c423680f0b6ef746a1e1b126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 21:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rn4Rxr2JV0OZW6xHzuMR1q2%2BYc%2FzAiS7QNuFKIylnc%2F9aPhgImpKCc7rz2f2DyKQBtyK6sZktkVleILPD0q3IfYQzjKg0SXlBiWO207nl8cLz5IIrwQpAXpG7XDqJDHCgIXfetSwvsSHqvoUynv3bY66hPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public
cf-ray: 7888f8c459d99b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 21:26:40 GMT

GET
H2 200 modernizr Show response
click.bobitstudios.com/bundles/ 11 KB
5 KB 220ms
219ms Script
text/javascript 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 21:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHsWvBb0Ph1s0rgfNpTEmhvG1FGLit7VwY%2BtF6VmdC%2FigRyFUFJOmNDMrYtivj2v0Ak2bp3VjWi3ynMCLafQr9OMosxMH8%2FJlWQbdKmUDwtEMgYafDsFTaxZc2pmtPzNt7LbyEUZxVn%2BJVoQBunC37VsG8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 7888f8c459de9b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 21:26:40 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 178ms
53ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://click.bobitstudios.com/
Origin: https://click.bobitstudios.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7888f8c90c47900d-FRA

GET
H2 200 jquery Show response
click.bobitstudios.com/bundles/ 91 KB
34 KB 226ms
225ms Script
text/javascript 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 21:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTGi%2FhLaRPCO5Dmm1zhkqKljcPs9LYWnwHnefbvQ6Q0h4HnfBLzgBPZ06zE4jULbY8ShDyKbub8RNtIF4ZER6zB796FZQHVUGXxaPcOJqGijgi6bMG%2B5K4YeIgaqwlAT1VSVnz0UxAK39QS0LPXYgo4gjD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 7888f8c459e29b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 21:26:40 GMT

GET
H2 200 bootstrap Show response
click.bobitstudios.com/bundles/ 30 KB
9 KB 227ms
226ms Script
text/javascript 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 12 Jan 2023 21:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fYNbPhTgbsQDsaFBrFsp2xqTHlZca9ue06DyhWIdmAeNfQtW7rJw4fYaiaaqe%2FV6Xll9hEfYwdZD3p60Nidai89dYF3KbZ9pTXocZ2Y3WVeO%2FBEQZiQxC74rT9%2B0wEduurNBCpaLG4U5lzKf3sS7dC8weg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public
cf-ray: 7888f8c459e79b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 12 Jan 2024 21:26:40 GMT

GET
H3 200 invisible.js Show response
click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame E504 33 KB
14 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f27a33b9a364164569886192eb0b896aa7e7460d3412f9b6e46c6b1721e761d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TmsXK3nE5%2FgJfYH3aDB9N9Rx1hixV0LV7oYTwbMIBqdKKCJL8MuXMihsEFuOd0CwymE5z0zZAnm2QpN%2BhERRSKiRAGedUoGDDZvR74jxjNmEiclNhEBvbJer6DIhF%2Bkno0P3%2BONbInLif9qJoOUCKjXWG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7888f8c96a5b2c39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rum Show response
click.bobitstudios.com/cdn-cgi/ 0
145 B 21ms
20ms XHR
text/plain 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://click.bobitstudios.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600|160x300|150x315|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: application/json

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://click.bobitstudios.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7888f8c97a732c39-FRA

GET
H3 200 pica.js
click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame E504 20 KB
9 KB 16ms
15ms Other
application/javascript 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175cc99fa9699e8e8376394061831b03ea5cd30348f95b3535d958d7e6fc397c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 21:26:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqNdDRWJYCjtOTsuu64%2FBnzsSQerVo1KEqWhhM3CVVdnO24x%2FQMLLOtAIeeoTAIXTkKzAoHOnvfufBubA8AqGQuqFubwGTMQhrVGiDfX5viypR4W1mUBzeJEw52ZTSJeFeHTYjyJVvtKenaC29viG36KMxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7888f8c9aac72c39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7888f8c2ce489b98 Show response
click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E504 2 B
685 B 50ms
50ms XHR
text/plain 2606:4700:20::681a:fcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/cv/result/7888f8c2ce489b98
Requested by: Host: click.bobitstudios.com
URL: https://click.bobitstudios.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1673553600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:fcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 12 Jan 2023 21:26:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgfpukIVwHLp9pYFhF1S3dWuDvneSt3t2Zz6ez%2FWPxqym1bbrGDKSq9d4kC7bRx4uCtkVUml5Ds%2BQNsqoz%2FCNFCdk6u3A1Bu2zTafvqtOM2lk7Pnx%2BJb9ebbivHO03gdqesLPUjV18T8%2FZuMAyOcd4JYOhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7888f8cbefd42c39-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mail.worktruckonline.com/	1970-01-20 08:54:05	Name: 1695_contactID Value: 636c2709369118030b0e1a7d
.mail.worktruckonline.com/	1970-01-20 08:54:05	Name: 1695_msID Value: 1695%3A63becf5cee0c6cddbf026a75%3Aot
.mail.worktruckonline.com/	1970-01-20 08:54:05	Name: 1695_mcID Value: 1695%3A63becf5cee0c6cddbf026a75%3Aot%3A636c2709369118030b0e1a7d%3A1
.mail.worktruckonline.com/	1970-01-20 08:54:05	Name: 1695_linkID Value: 63becf93acbc03d6a600bc6d
.mail.worktruckonline.com/	1970-01-20 08:54:05	Name: v2_work-truck Value: %7B%22linkID%22%3A%2263becf93acbc03d6a600bc6d%22%2C%22mcID%22%3A%221695%3A63becf5cee0c6cddbf026a75%3Aot%3A636c2709369118030b0e1a7d%3A1%22%2C%22accountID%22%3A%221695%22%2C%22msID%22%3A%221695%3A63becf5cee0c6cddbf026a75%3Aot%22%2C%22cID%22%3A%22636c2709369118030b0e1a7d%22%7D
.e.mail.worktruckonline.com/	1970-01-20 08:52:40	Name: __cf_bm Value: a_DHULoq.df.rWK2TdE3yKawkEStG_s1FAdFX6LCtx4-1673558799-0-AfR0nMM7o0mNts/l6iRRTdxv/JYHXeLAEpKsTyNla8PGsl+X9XRBeV7GdCU/3fZesAZu8+wtfx88OzwZE8me2pw=
click.bobitstudios.com/	1969-12-31 23:59:59	Name: ServerID Value: 1024
.bobitstudios.com/	1970-01-20 08:52:40	Name: __cf_bm Value: utCMlwqYwLYBnWx9hJhKFutC_hdQfAQsjktNUpJYp4s-1673558801-0-Ae5K36+IWJPjlLNlcwXwZppNZjap3aFTyXNFF8QtpQjJnoRRSUWtjM3NXznOeU86fZLwFWIOYF6ID3yA6b8RpJypdZ1I8rFQK9N7luGcM8Wg5ohPIAuO4u4MrHN5GT7BzOZIZzO4NIJACupbCIpV+1o=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://click.bobitstudios.com/dfpjump?iu=/86855500/right04&sz=160x600\|160x300\|150x315\|180x150&t=enewsletter=wt_weeklythursday&c=[TIMESTAMP]&utm_source=newsletter&utm_medium=email&utm_campaign=20230112_1695:63becf5cee0c6cddbf026a75:ot_NL-WT-Thursday-20230112&omid=1102374770&cid=636c2709369118030b0e1a7d Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.bobitstudios.com
e.mail.worktruckonline.com
static.cloudflareinsights.com
2606:4700:20::681a:fcf
2606:4700::6810:3865
2606:4700::6812:497f
0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
175cc99fa9699e8e8376394061831b03ea5cd30348f95b3535d958d7e6fc397c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2f27a33b9a364164569886192eb0b896aa7e7460d3412f9b6e46c6b1721e761d
860a914cab670fea26c4266bfec835c25783ec54c423680f0b6ef746a1e1b126
8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec
9c00319ec1c599f4eef9a3866166361c26b276fea574c86cef41fed01c5f85d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

click.bobitstudios.com Open in urlscan Pro 2606:4700:20::681a:fcf Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

100 kBTransfer

300 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

8 Cookies

1 Console Messages

Indicators

click.bobitstudios.com Open in urlscan Pro
2606:4700:20::681a:fcf Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

100 kB
Transfer

300 kB
Size

8
Cookies

10 HTTP transactions
0 data transactions