lp.potenzmittel.gratis Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/redi.html#c24597Qcm...
Effective URL:
https://lp.potenzmittel.gratis/anfordern/?refID=1213
Submission: On September 13 via api (September 13th 2021, 5:07:32 pm UTC) from BE — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 10 domains to perform 18 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is lp.potenzmittel.gratis.
TLS certificate: Issued by R3 on July 25th 2021. Valid for: 3 months.

This is the only time lp.potenzmittel.gratis was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4007:816::2010	15169 (GOOGLE) (GOOGLE)
1 2	178.170.14.86 178.170.14.86	21409 (IKOULA) (IKOULA)
1 1	34.90.63.251 34.90.63.251	15169 (GOOGLE) (GOOGLE)
2 2	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
2	52.222.174.124 52.222.174.124	() ()
4	2606:4700:20:... 2606:4700:20::ac43:47b8	() ()
4	85.195.93.95 85.195.93.95	() ()
18	7

1 2a00:1450:4007:816::2010 (Ireland)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.170.14.86 (France) 1 redirects

ASN21409 (IKOULA, FR)
PTR: acggroupabbott.xyz

rodrigesefile.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.63.251 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 251.63.90.34.bc.googleusercontent.com

rofpurple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.174.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

www.email-versandservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nutri.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.202.50 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

lp.potenzmittel.gratis	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.174.124 (None, )

ASN- ()

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:47b8 (None, )

ASN- ()

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 85.195.93.95 (None, )

ASN- ()

p.gsitrix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	gsitrix.com p.gsitrix.com o.gsitrix.com Failed	55 KB
4	cleverpush.com static.cleverpush.com az-vitamins.cleverpush.com Failed	58 KB
2	unbounce.com builder-assets.unbounce.com	37 KB
2	potenzmittel.gratis 1 redirects lp.potenzmittel.gratis	4 KB
2	rodrigesefile.xyz 1 redirects rodrigesefile.xyz	570 B
1	go2cloud.org 1 redirects nutri.go2cloud.org	2 KB
1	email-versandservice.com 1 redirects www.email-versandservice.com	658 B
1	rofpurple.com 1 redirects rofpurple.com	777 B
1	googleapis.com storage.googleapis.com	985 B
0	cloudfront.net Failed d34qb8suadcc4g.cloudfront.net Failed d9hhrg4mnvzow.cloudfront.net Failed
18	10

	Domain	Requested by
4	p.gsitrix.com	lp.potenzmittel.gratis p.gsitrix.com
4	static.cleverpush.com	lp.potenzmittel.gratis static.cleverpush.com
2	builder-assets.unbounce.com	lp.potenzmittel.gratis
2	lp.potenzmittel.gratis	1 redirects rodrigesefile.xyz
2	rodrigesefile.xyz	1 redirects storage.googleapis.com
1	nutri.go2cloud.org	1 redirects
1	www.email-versandservice.com	1 redirects
1	rofpurple.com	1 redirects
1	storage.googleapis.com
0	az-vitamins.cleverpush.com Failed	static.cleverpush.com
0	d9hhrg4mnvzow.cloudfront.net Failed	lp.potenzmittel.gratis
0	o.gsitrix.com Failed	p.gsitrix.com
0	d34qb8suadcc4g.cloudfront.net Failed	lp.potenzmittel.gratis
18	13

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
lp.potenzmittel.gratis R3	`2021-07-25` - `2021-10-23`	3 months	crt.sh
*.unbounce.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
p.gsitrix.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://lp.potenzmittel.gratis/anfordern/?refID=1213
Frame ID: 90C69EE715B793031A6A6FE03C4A2DF7
Requests: 18 HTTP requests in this frame

Frame: https://az-vitamins.cleverpush.com/iframe?origin=https%3A%2F%2Flp.potenzmittel.gratis
Frame ID: 5DC990A8172E9685F15184B05B01E322
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf... Page URL
http://rodrigesefile.xyz/rd/c24597QcmTi18327493nkmN2LFh954SSYC70 Page URL
http://rodrigesefile.xyz/track/c24597QcmTi18327493nkmN2LFh954SSYC70 HTTP 302
https://rofpurple.com/?a=3533&oc=12574&c=36044&m=3&s1=12&s2=70-24597&s3=18327493-2-954 HTTP 302
http://www.email-versandservice.com/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=21... HTTP 302
https://nutri.go2cloud.org/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=21... HTTP 302
https://lp.potenzmittel.gratis/anfordern?refID=1213 HTTP 301
https://lp.potenzmittel.gratis/anfordern/?refID=1213 Page URL

Page Statistics

18
Requests

67 %
HTTPS

25 %
IPv6

10
Domains

13
Subdomains

7
IPs

4
Countries

155 kB
Transfer

407 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/redi.html Page URL
http://rodrigesefile.xyz/rd/c24597QcmTi18327493nkmN2LFh954SSYC70 Page URL
http://rodrigesefile.xyz/track/c24597QcmTi18327493nkmN2LFh954SSYC70 HTTP 302
https://rofpurple.com/?a=3533&oc=12574&c=36044&m=3&s1=12&s2=70-24597&s3=18327493-2-954 HTTP 302
http://www.email-versandservice.com/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=212331223 HTTP 302
https://nutri.go2cloud.org/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=212331223 HTTP 302
https://lp.potenzmittel.gratis/anfordern?refID=1213 HTTP 301
https://lp.potenzmittel.gratis/anfordern/?refID=1213 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	redi.html storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/	387 B 985 B	5120ms 28ms	Document text/html	2a00:1450:4007:816::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/redi.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4007:816::2010 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash Request headers :method GET :authority storage.googleapis.com :scheme https :path /12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/redi.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-guploader-uploadid ADPycduYZq3O7bEDNpJ8hzWSymB1qWssvj8fi7v2S2Sn5eb6_qPQkJlDYbeMHK7AiwQUlJKH4vBoRrwA1Nenaaqek7o expires Mon, 13 Sep 2021 18:04:21 GMT date Mon, 13 Sep 2021 17:04:21 GMT last-modified Sat, 21 Aug 2021 15:57:26 GMT etag "26edd927448825abed3bef5636f3a75e" x-goog-generation 1629561446717862 x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-stored-content-length 387 content-type text/html x-goog-hash crc32c=nDiKbA== md5=Ju3ZJ0SIJavtO+9WNvOnXg== x-goog-storage-class NEARLINE accept-ranges bytes content-length 387 server UploadServer age 159 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	c24597QcmTi18327493nkmN2LFh954SSYC70 rodrigesefile.xyz/rd/	235 B 352 B	5139ms 39ms	Document text/html	178.170.14.86 IKOULA
General Check archive.org Show headers Download Go to Full URL http://rodrigesefile.xyz/rd/c24597QcmTi18327493nkmN2LFh954SSYC70 Requested by Host: storage.googleapis.com URL: https://storage.googleapis.com/12545454q54sdqds/sejdsdskdj/sdfnksdnfksdfnkqsjdf/oirjfeoirfjoisfdjsiodfjlsdf/redi.html Protocol HTTP/1.1 Server 178.170.14.86 , France, ASN21409 (IKOULA, FR), Reverse DNS acggroupabbott.xyz Software / Resource Hash Request headers Host rodrigesefile.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=utf-8 Date Mon, 13 Sep 2021 17:07:05 GMT Content-Length 235
GET H/1.1	200 OK	Primary Request / Show response lp.potenzmittel.gratis/anfordern/ Redirect Chain http://rodrigesefile.xyz/track/c24597QcmTi18327493nkmN2LFh954SSYC70 https://rofpurple.com/?a=3533&oc=12574&c=36044&m=3&s1=12&s2=70-24597&s3=18327493-2-954 http://www.email-versandservice.com/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=212331223 https://nutri.go2cloud.org/aff_c?offer_id=273&aff_id=1213&url_id=766&source=LL&aff_sub=3533&aff_sub2=212331223 https://lp.potenzmittel.gratis/anfordern?refID=1213 https://lp.potenzmittel.gratis/anfordern/?refID=1213	11 KB 4 KB	49ms 21ms	Document text/html	3.126.202.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://lp.potenzmittel.gratis/anfordern/?refID=1213 Requested by Host: rodrigesefile.xyz URL: http://rodrigesefile.xyz/rd/c24597QcmTi18327493nkmN2LFh954SSYC70 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-202-50.eu-central-1.compute.amazonaws.com Software / Resource Hash `cad686b7c5f79bbc7da3a583a071b3b96b45f7cac8ebf8a44f02704e8fce2145` Request headers Host lp.potenzmittel.gratis Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://rodrigesefile.xyz/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://rodrigesefile.xyz/rd/c24597QcmTi18327493nkmN2LFh954SSYC70 Response headers date Mon, 13 Sep 2021 17:07:26 GMT content-type text/html; charset=UTF-8 transfer-encoding chunked p3p CP="This is not a privacy policy." x-unbounce-pageid 1609f561-4324-432e-b1b5-159708c8f188 etag "a:53d5d06b0bf130711e94f65b0fd22466" last-modified Tue, 30 Mar 2021 07:24:19 GMT x-unbounce-visitorid 9a070ca0-0d53-4b5a-ab2b-f2543c4422a3 x-unbounce-variant a content-location https://lp.potenzmittel.gratis/anfordern/ link <https://lp.potenzmittel.gratis/anfordern/>; rel="canonical" set-cookie ubpv=a%2C1609f561-4324-432e-b1b5-159708c8f188; Max-Age=15897600; Expires=Wed, 16 Mar 2022 17:07:26 GMT; Path=/anfordern/; SameSite=Lax ubvs=9a070ca0-0d53-4b5a-ab2b-f2543c4422a3; Max-Age=15552000; Expires=Sat, 12 Mar 2022 17:07:26 GMT; Path=/; SameSite=Lax ubvt=9a070ca0-0d53-4b5a-ab2b-f2543c4422a3; Max-Age=259200; Expires=Thu, 16 Sep 2021 17:07:26 GMT; Path=/; Domain=potenzmittel.gratis; SameSite=Lax content-encoding gzip x-proxy-backend page-server connection close Redirect headers date Mon, 13 Sep 2021 17:07:26 GMT content-length 0 p3p CP="This is not a privacy policy." location https://lp.potenzmittel.gratis/anfordern/?refID=1213 x-proxy-backend page-server connection close
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	5099ms 24ms	Stylesheet text/css	52.222.174.124
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: lp.potenzmittel.gratis URL: https://lp.potenzmittel.gratis/anfordern/?refID=1213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.174.124 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 05 Feb 2021 01:12:18 GMT content-encoding gzip last-modified Thu, 14 Jan 2021 00:04:15 GMT server AmazonS3 age 19065314 etag "387bd017c5b4c65e427e652174ec93b6" x-cache Hit from cloudfront x-amz-version-id g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3 via 1.1 3927bf0011a2eb853e62f4b12f7ba87f.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG50-P2 accept-ranges bytes content-type text/css content-length 2902 x-amz-cf-id dhEGQFpO9XNRU6MKr0sifanbVqEDlDsDfw8kjEaSLKgB-ag47nQjzg==
GET H2	200	73znaBA3Q9z9HB35o.js Show response static.cleverpush.com/channel/loader/	163 KB 42 KB	5090ms 27ms	Script application/javascript	2606:4700:20::ac43:47b8
General Check archive.org Show headers Download Go to Full URL https://static.cleverpush.com/channel/loader/73znaBA3Q9z9HB35o.js Requested by Host: lp.potenzmittel.gratis URL: https://lp.potenzmittel.gratis/anfordern/?refID=1213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47b8 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `20c5d041649668b52628c0e4f5e182cc8ec7feb65d86c997ed37fdf4cbdcd1e2` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 17:07:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 14639 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id H81M5EYA4BQ5EAYT x-amz-id-2 s51DQK4VsUQsasC2pxvMc4+YBPbU9HCIbaDu5vOhxEHgvOn9UhO/hAeyRC+taOQ3tW97wD/1PhM= last-modified Mon, 13 Sep 2021 00:01:13 GMT server cloudflare etag W/"9fae5a1024f0849ca8047f94f57816ec" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpiJB9llluXZ8sHBuPDF2x8Mf2Dm0jRIhuUaw%2Beu05besq42VJVbYHGbKYlAwYTBPE6iwoOnU0kw%2BO3uOVnZ6NqWTt2IxYsDUQiWfZAb7vzZUFun48lw1fWU56P1G7Tn%2BA5Vsz3TYiARlTwg%2BtOizOELxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=21600 cf-ray 68e2f8eb1a556987-FRA
GET		ub.js d34qb8suadcc4g.cloudfront.net/	0 0

GET H2	200	/ Show response p.gsitrix.com/page/	54 KB 54 KB	5107ms 13ms	Script application/javascript	85.195.93.95
General Check archive.org Show headers Download Go to Full URL https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Requested by Host: lp.potenzmittel.gratis URL: https://lp.potenzmittel.gratis/anfordern/?refID=1213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.195.93.95 -, , ASN (), Reverse DNS Software / Resource Hash `b4bd336b43763c22772e7ae7c5d0295f286a72f36f6416703b7955ff88322c5f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Mon, 13 Sep 2021 17:07:31 GMT access-control-allow-methods * p3p CP="NOI DEVa TAIa OUR BUS UNI" access-control-allow-origin * cache-control post-check=0, pre-check=0 access-control-allow-credentials true content-type application/javascript; charset=utf-8 access-control-allow-headers * expires Sat, 13 Jun 1992 00:00:00 GMT
GET H2	200	main.bundle-5c6e41c.z.js Show response builder-assets.unbounce.com/published-js/	104 KB 33 KB	30ms 29ms	Script application/javascript	52.222.174.124
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js Requested by Host: lp.potenzmittel.gratis URL: https://lp.potenzmittel.gratis/anfordern/?refID=1213 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.174.124 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 15 Aug 2021 18:29:16 GMT content-encoding gzip last-modified Thu, 14 Jan 2021 00:04:10 GMT server AmazonS3 age 2500696 etag "bb50eefe0cf9244bc17fe34bb55821bb" x-cache Hit from cloudfront x-amz-version-id ipR703zeXb6Y9CZFo9gIWbPXuPKHmpp3 via 1.1 3927bf0011a2eb853e62f4b12f7ba87f.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop CDG50-P2 accept-ranges bytes content-type application/javascript content-length 33645 x-amz-cf-id K62eAX0p1Q3rXLRl-5yzt0pGd_u2MCsb1UzZrXJjyWoE-1yY29Cqeg==
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/gif
GET		sys.php o.gsitrix.com/	0 0

GET BLOB	200 OK	15c8e033-8568-493e-a4fa-95623dd26af7 https://lp.potenzmittel.gratis/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://lp.potenzmittel.gratis/15c8e033-8568-493e-a4fa-95623dd26af7 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7` Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Length 5603 Content-Type text/css
GET H2	200	5.js Show response static.cleverpush.com/sdk/chunk/	26 KB 7 KB	28ms 28ms	Script application/javascript	2606:4700:20::ac43:47b8
General Check archive.org Show headers Download Go to Full URL https://static.cleverpush.com/sdk/chunk/5.js Requested by Host: static.cleverpush.com URL: https://static.cleverpush.com/channel/loader/73znaBA3Q9z9HB35o.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47b8 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `c362097462bafd85f48613a9cdbbbdb2d23d59e78468eee298bd9354f3b64b0d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 17:07:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10063 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id K7Y6TET5B7051C8E x-amz-id-2 ljVOJy05rTOT1LhX9cqmYZA8NXTdQ8mAR7GwtsRxK2zcScEMWhJnLWV8DQDO51Bynca72ty/X8g= last-modified Tue, 31 Aug 2021 08:58:54 GMT server cloudflare etag W/"2d3047f24bbc1566ed62d2b2c42aadcc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00fSZrx2jtpK0bcXTFkUnyk5HkADiqp5%2FvxAX6WKuG9mAEyMmLvrNK%2FRZ%2B%2FXIxzXd0nvE8%2F0Dou30BDpA%2FgA1BJTOP7fjxjllOZ4Rj%2BBfJ6OMSL3uCsQSWcTvVqppErEbHF3pBdP1k%2BJXgWk72EMLcyD6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public,max-age=43200 cf-ray 68e2f8ebbc256987-FRA
GET H2	200	251.js Show response static.cleverpush.com/sdk/chunk/	6 KB 3 KB	22ms 22ms	Script application/javascript	2606:4700:20::ac43:47b8
General Check archive.org Show headers Download Go to Full URL https://static.cleverpush.com/sdk/chunk/251.js Requested by Host: static.cleverpush.com URL: https://static.cleverpush.com/channel/loader/73znaBA3Q9z9HB35o.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47b8 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 17:07:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 39559 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id KTJPXH8TYK11ESGB x-amz-id-2 NNOIO0dpEhTVum5VXAHSsidfmDgJ8NKmz1vjjVNZSE6RQr3U6EbEO4vso4XccinWjHWrJ799aR8= last-modified Tue, 31 Aug 2021 08:58:54 GMT server cloudflare etag W/"1d89b52857bfafbd43a0aaa08e05bcff" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EbrBDBTEi6qOHgQeTEq2wzf9gPg8t2RpzvDs7uzvp9MtBl%2BQK%2BMRRo9%2FDm0ZDmAMKA8EhLSjttdZ0lqN7HcRXyxkZ6sLIBTxs7%2BLeynTmC7soAUO3enONduwIFwU5H3UQbg8Th6JUTUYrsrc8B1n%2F5jTw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public,max-age=43200 cf-ray 68e2f8ebbc2b6987-FRA
GET H2	200	628.js Show response static.cleverpush.com/sdk/chunk/	22 KB 6 KB	22ms 22ms	Script application/javascript	2606:4700:20::ac43:47b8
General Check archive.org Show headers Download Go to Full URL https://static.cleverpush.com/sdk/chunk/628.js Requested by Host: static.cleverpush.com URL: https://static.cleverpush.com/channel/loader/73znaBA3Q9z9HB35o.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:47b8 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `86b3776dcf0a421e0767caa22e40f71f069d179778409ebfad0c75a3126cdc52` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 17:07:31 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 39559 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id KTJK5QT50XZKNKCS x-amz-id-2 WxkRtshtXFMXVXSVVr0o2/w5fnJ3cfkDpo70p8SW1uk/O7tsDABXEXln6mJDFNwmkx9KbvfSmh4= last-modified Tue, 31 Aug 2021 08:58:54 GMT server cloudflare etag W/"84e1a1a4866198b4afe2d1c21276e838" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEQ5QYBp2Mengcx3IG%2F3M8QDnVY1NHH6eWMgnKTaUNGqX0t5nS0L6Le703bTiMRi6YJypI87o90kteoNZ3PELWovApQrSOYBVo4I5RKhVZdcbTJXpUisPFa0Io%2Fpn35%2Bp1SaEGzsRczWiMluaWyAkqFcPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public,max-age=43200 cf-ray 68e2f8ebbc2c6987-FRA
GET		f4fb212c-untitled-480p-9587834a-2171-4761-840a-505e931ca5f0-1.gif d9hhrg4mnvzow.cloudfront.net/lp.potenzmittel.gratis/anfordern/	0 0

POST H2	200	ax.php Show response p.gsitrix.com/js/	0 139 B	41ms 13ms	XHR text/plain	85.195.93.95
General Check archive.org Show headers Download Go to Full URL https://p.gsitrix.com/js/ax.php Requested by Host: p.gsitrix.com URL: https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.195.93.95 -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://lp.potenzmittel.gratis/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://lp.potenzmittel.gratis date Mon, 13 Sep 2021 17:07:31 GMT access-control-allow-credentials true access-control-allow-headers * content-length 0 access-control-allow-methods *
GET H2	200	pet.php Show response p.gsitrix.com/tk/	281 B 354 B	13ms 13ms	Script application/javascript	85.195.93.95
General Check archive.org Show headers Download Go to Full URL https://p.gsitrix.com/tk/pet.php Requested by Host: p.gsitrix.com URL: https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.195.93.95 -, , ASN (), Reverse DNS Software / Resource Hash `aa8535afa866f056e3ee0b9cf8c2df6294e1c6fb1b186eb87168334adf3acb5d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://lp.potenzmittel.gratis/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 13 Sep 2021 17:07:31 GMT etag 35cbe38028dbe15395842db15 access-control-allow-methods * content-type application/javascript access-control-allow-origin * cache-control public access-control-allow-credentials true access-control-allow-headers * content-length 281
POST H2	200	ax.php Show response p.gsitrix.com/js/	0 16 B	13ms 13ms	XHR text/plain	85.195.93.95
General Check archive.org Show headers Download Go to Full URL https://p.gsitrix.com/js/ax.php Requested by Host: p.gsitrix.com URL: https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.195.93.95 -, , ASN (), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://lp.potenzmittel.gratis/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://lp.potenzmittel.gratis date Mon, 13 Sep 2021 17:07:31 GMT access-control-allow-credentials true access-control-allow-headers * content-length 0 access-control-allow-methods *
GET		iframe az-vitamins.cleverpush.com/ Frame 5DC9	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266

Domain: o.gsitrix.com
URL: https://o.gsitrix.com/sys.php?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref=&refdoc=http%3A%2F%2Frodrigesefile.xyz%2F&selfref=https%3A%2F%2Flp.potenzmittel.gratis%2Fanfordern%2F%3FrefID%3D1213

Domain: d9hhrg4mnvzow.cloudfront.net
URL: https://d9hhrg4mnvzow.cloudfront.net/lp.potenzmittel.gratis/anfordern/f4fb212c-untitled-480p-9587834a-2171-4761-840a-505e931ca5f0-1.gif

Domain: az-vitamins.cleverpush.com
URL: https://az-vitamins.cleverpush.com/iframe?origin=https%3A%2F%2Flp.potenzmittel.gratis

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lp.potenzmittel.gratis/anfordern/	1970-01-20 01:37:30	Name: ubpv Value: a%2C1609f561-4324-432e-b1b5-159708c8f188
.rofpurple.com/	1969-12-31 23:59:59	Name: sfd Value: LdB2TnyrimNmOJxzM1va4wzyMmxhUkJ2ExnOqQ8HHMemz5nzZ/9oZg==
.rofpurple.com/	1970-01-21 17:02:02	Name: tib Value: 7y7FCR3Pfb8+ow4rgRmjJwzyMmxhUkJ2ExnOqQ8HHMemz5nzZ/9oZg==
.rofpurple.com/	1970-01-19 21:55:44	Name: c12542 Value: LdB2TnyrimO++TqcriKCOAyOTEPnsH6HZUedZo3vdfjQt9aXeTN9RQ==
nutri.go2cloud.org/	1970-01-19 21:13:59	Name: aff_ran_url_273 Value: 766
nutri.go2cloud.org/	1970-01-19 21:55:44	Name: enc_aff_session_273 Value: ENC035e305d782a958cd849364e83200ea64aa9ba555d970733a7d9c5252964b3620de1bc7d305ff8049526afcd6801cc53a0a4e737e673fe71903e41a0dc7a33cfaf18864971473a1f33ab5d16406f3281e3dc72cf7e85b7823e46550a99c33eb9c330ca384f4871bd6df0d774f749a3b5541264140e19eabeb11ba4a95195f2393881136f1162bd02cecc66e6db7193e94944798782b6a883734375e743534986582eb9d833
nutri.go2cloud.org/	1970-01-20 22:38:08	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
lp.potenzmittel.gratis/	1970-01-20 01:31:44	Name: ubvs Value: 9a070ca0-0d53-4b5a-ab2b-f2543c4422a3
.potenzmittel.gratis/	1970-01-19 21:16:52	Name: ubvt Value: 9a070ca0-0d53-4b5a-ab2b-f2543c4422a3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
deprecation	warning	URL: https://p.gsitrix.com/page/?a=5d54101e5e62b1565790238&p=home&prid=20202&av=fiddiam&as=gp&w=quelle-der-natur.de&ref= Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az-vitamins.cleverpush.com
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
lp.potenzmittel.gratis
nutri.go2cloud.org
o.gsitrix.com
p.gsitrix.com
rodrigesefile.xyz
rofpurple.com
static.cleverpush.com
storage.googleapis.com
www.email-versandservice.com
az-vitamins.cleverpush.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
o.gsitrix.com
178.170.14.86
2606:4700:20::ac43:47b8
2a00:1450:4007:816::2010
3.126.202.50
34.90.63.251
52.210.174.128
52.222.174.124
85.195.93.95
14a1cbcdf5312121bc64e7d7b696da1e3322428c9ee7441a5d45aecddd59641f
20c5d041649668b52628c0e4f5e182cc8ec7feb65d86c997ed37fdf4cbdcd1e2
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
86b3776dcf0a421e0767caa22e40f71f069d179778409ebfad0c75a3126cdc52
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
aa8535afa866f056e3ee0b9cf8c2df6294e1c6fb1b186eb87168334adf3acb5d
b4bd336b43763c22772e7ae7c5d0295f286a72f36f6416703b7955ff88322c5f
c362097462bafd85f48613a9cdbbbdb2d23d59e78468eee298bd9354f3b64b0d
cad686b7c5f79bbc7da3a583a071b3b96b45f7cac8ebf8a44f02704e8fce2145
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

lp.potenzmittel.gratis Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

18 Requests

67 %HTTPS

25 %IPv6

10 Domains

13 Subdomains

7 IPs

4 Countries

155 kBTransfer

407 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

9 Cookies

2 Console Messages

Indicators

lp.potenzmittel.gratis Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

67 %
HTTPS

25 %
IPv6

10
Domains

13
Subdomains

7
IPs

4
Countries

155 kB
Transfer

407 kB
Size

9
Cookies

18 HTTP transactions
1 data transactions