ndl.dingtone.co Open in urlscan Pro
2600:9000:223c:9c00:6:817b:2180:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Submission: On August 11 via manual (August 11th 2023, 3:08:41 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2600:9000:223c:9c00:6:817b:2180:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ndl.dingtone.co.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 1st 2023. Valid for: a year.

This is the only time ndl.dingtone.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:223... 2600:9000:223c:9c00:6:817b:2180:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:225... 2600:9000:2251:d600:1f:a6e4:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
12	4

2 2600:9000:223c:9c00:6:817b:2180:93a1 (United States)

ASN16509 (AMAZON-02, US)

ndl.dingtone.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

mms.dingtone.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	dingtone.me mms.dingtone.me	158 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 485	17 KB
2	dingtone.co ndl.dingtone.co	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5933	408 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	484 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 114	379 B
12	6

	Domain	Requested by
8	mms.dingtone.me	ndl.dingtone.co
2	ssl.google-analytics.com	1 redirects ndl.dingtone.co
2	ndl.dingtone.co	ndl.dingtone.co
1	www.google.de	ndl.dingtone.co
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
12	6

This site contains links to these domains. Also see Links.

Domain
dingtone.me
mms.dingtone.me

Subject Issuer	Validity	Valid
ndl.dingtone.co Amazon RSA 2048 M01	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.dingtone.me Amazon RSA 2048 M01	`2023-02-24` - `2023-12-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Frame ID: 8DDD9219648F5D102122D3CA42904602
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

dingtone

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

179 kB
Transfer

204 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://dingtone.me/d

Search URL Search Domain Scan URL

URL: http://mms.dingtone.me/mmssvc/r.html?token=p34YLlDf&sender=208661339&appName=Dingtone

Search URL Search Domain Scan URL

URL: http://mms.dingtone.me/mmssvc/download?l=en&content=https%3A%2F%2Fndl.dingtone.co%2Fd6%2F32%2F145138331742291%2F17579718173_12067121581_36272342528_1%3FAWSAccessKeyId%3DAKIAJ2NPL4QHKRNJLJVQ%26Expires%3D2147483647%26Signature%3DvrG29wfRg%20.lOyBk9%252FTbh%252FWccHRtk%253D

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=851855581&utmhn=ndl.dingtone.co&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=dingtone&utmhid=761702821&utmr=-&utmp=%2F1%2FEMiJlf3%3Fk%3DfRg%252520.&utmht=1691723316459&utmac=UA-29757841-1&utmcc=__utma%3D109658074.742321320.1691723316.1691723316.1691723316.1%3B%2B__utmz%3D109658074.1691723316.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1897054705&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581&slf_rd=1&random=2977108962

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request EMiJlf3 Show response
ndl.dingtone.co/1/ 2 KB
2 KB 878ms
672ms Document
text/html 2600:9000:223c:9c00:6:817b:2180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9c00:6:817b:2180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19d82d69972321abad490579c6cd2447179d3612e287459b39e12a4fff532090

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2027
content-type: text/html
date: Fri, 11 Aug 2023 03:08:36 GMT
etag: "ac6aa5efed6e4cb017cd3f6bf409acaa"
last-modified: Fri, 04 Aug 2023 19:49:37 GMT
server: AmazonS3
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-id: zqNO9Za_sbs7En1nfWRAWLYIiSMbovaL7deAmjHoxarPC5jIgAECvw==
x-amz-cf-pop: FRA56-P2
x-amz-expiration: expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="auto-del-after-7days"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 css_v3.css
mms.dingtone.me/mmssvc/css2/ 3 KB
3 KB 563ms
316ms Stylesheet
text/css 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mms.dingtone.me/mmssvc/css2/css_v3.css
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7770148efb2e24bb977018283b878866710ef72d5ac150533547909d8d800a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 15:50:14 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"3170-1603209014000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 3170
x-amz-cf-id: z-b9D61QHPVlW8onCIrMOvaONMTp65QDvl4OlvpDfOIpOGKeW2qxvw==

GET
H2 200 sms_v3.js Show response
mms.dingtone.me/mmssvc/js2/ 18 KB
19 KB 564ms
317ms Script
application/javascript 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mms.dingtone.me/mmssvc/js2/sms_v3.js
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 956a1c501ffaa2a23938ef80da7ed729387ceeb92e1b9b691b3a7013c8ece94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Fri, 01 Apr 2022 10:15:30 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"18710-1648808130000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 18710
x-amz-cf-id: BugcLa9S9w12Hb-fyi_AEgcL0mhdGWPAK_BwJLYafzW6MCFkV2GgCw==

GET
H2 200 util.js Show response
mms.dingtone.me/mmssvc/js2/ 8 KB
8 KB 563ms
317ms Script
application/javascript 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mms.dingtone.me/mmssvc/js2/util.js
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 871dfd9fe4e33cdb59c686866fa6bdbe23cdff1b36d864e891ad208b4ac7ebbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 09:04:33 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"8301-1645693473000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8301
x-amz-cf-id: G_Fgtb-S6ySwf7bWZUrBceQiCpNWx_9O5KVUhUVHCRnWDJMG699dKw==

GET
H2 200 jquery.min.js Show response
mms.dingtone.me/mmssvc/js2/ 93 KB
93 KB 565ms
319ms Script
application/javascript 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mms.dingtone.me/mmssvc/js2/jquery.min.js
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 15:50:14 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"94839-1603209014000"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 94839
x-amz-cf-id: MyoFKYBE97WWl_l4xeaHZ3QdYvoqRfQtaix-l01rjLdmQQ0NCD6MNA==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 42ms
11ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 01:19:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 11 Aug 2023 03:19:59 GMT

GET
H2 200 logo_new.png
mms.dingtone.me/mmssvc/images2/ 4 KB
5 KB 481ms
480ms Image
image/png 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mms.dingtone.me/mmssvc/images2/logo_new.png
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9731ca5afd094a2074b3170a63e96665ae3cd4148e1ef91b7f6a00b5d1e1013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 11:52:00 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"4580-1639396320000"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 4580
x-amz-cf-id: ebrILaIRwW1EmTsbtXBy7TA3TJTX5Wm-NwMoLkxT8SWtcxtFxJdoIA==

GET
H2 403 17579718173_12067121581_36272342528_1
ndl.dingtone.co/d6/32/145138331742291/ 925 B
925 B 644ms
643ms Image
application/xml 2600:9000:223c:9c00:6:817b:2180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ndl.dingtone.co/d6/32/145138331742291/17579718173_12067121581_36272342528_1?AWSAccessKeyId=AKIAJ2NPL4QHKRNJLJVQ&Expires=2147483647&Signature=vrG29wfRg%20.lOyBk9%2FTbh%2FWccHRtk%3D
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9c00:6:817b:2180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdc1772fc53c5ad31ed2f9e4fed1770ef67f10454a8629379183b873f4d599d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:35 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: H-t3KbS5SOOXef-I25sqd03ERtvSslwb-EPf-zCcEoXqogLdCtUO8A==
x-cache: Error from cloudfront
content-type: application/xml

GET
H2 200 bnt_reply.png
mms.dingtone.me/mmssvc/images2/ 8 KB
8 KB 471ms
470ms Image
image/png 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mms.dingtone.me/mmssvc/images2/bnt_reply.png
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b20421d136533287c60efb4be0c09bec1ddf59e650daa1bf2d3ad9fb0db939e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 15:50:14 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"7782-1603209014000"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7782
x-amz-cf-id: pKOLjpYqDCupHp9NDy28lKL1eyK8nH_TQu477E1AnKEi7X50KFuAXg==

GET
H2 200 bnt_download_en.png
mms.dingtone.me/mmssvc/images2/ 6 KB
7 KB 314ms
313ms Image
image/png 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mms.dingtone.me/mmssvc/images2/bnt_download_en.png
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 992c6e009685da4ddda9f402794482c1f152a45885b792994ba9e02a1e3f1865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Mon, 13 Dec 2021 11:52:00 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"6639-1639396320000"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 6639
x-amz-cf-id: gbAUQzDxESLLINDPAo4vJFbjTVq1AcpEUrjVII3tdwnfONC0qZ-byQ==

GET
H2 200 bnt_download.png
mms.dingtone.me/mmssvc/images2/ 15 KB
15 KB 480ms
479ms Image
image/png 2600:9000:2251:d600:1f:a6e4:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mms.dingtone.me/mmssvc/images2/bnt_download.png
Requested by: Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1f:a6e4:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 092837c7645a1617ae55d32c3b92fede5777d4ccd20a7bf795a498fbe81d7b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:08:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Tue, 20 Oct 2020 15:50:14 GMT
x-amz-cf-pop: FRA60-P3
etag: W/"15154-1603209014000"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15154
x-amz-cf-id: XVt-jtZ6DZ2FNplqdKzWXWTJreE_TqXkX-Fzo6KV_VrT-GfKW6ByKg==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=851855581&utmhn=ndl.dingtone.co&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=dingt...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581&slf_rd=1&random=2977108962

42 B
408 B

67ms
28ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581&slf_rd=1&random=2977108962

Requested by

Host: ndl.dingtone.co
URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.

Protocol

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ndl.dingtone.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:08:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 03:08:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-29757841-1&cid=742321320.1691723316&jid=1897054705&_v=5.7.2&z=851855581&slf_rd=1&random=2977108962
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ndl.dingtone.co/	1970-01-20 23:31:23	Name: __utma Value: 109658074.742321320.1691723316.1691723316.1691723316.1
.ndl.dingtone.co/	1969-12-31 23:59:59	Name: __utmc Value: 109658074
.ndl.dingtone.co/	1970-01-20 18:18:11	Name: __utmz Value: 109658074.1691723316.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.ndl.dingtone.co/	1970-01-20 13:55:23	Name: __utmt Value: 1
.ndl.dingtone.co/	1970-01-20 13:55:25	Name: __utmb Value: 109658074.1.10.1691723316

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20. Message: Mixed Content: The page at 'https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.' was loaded over HTTPS, but requested an insecure element 'http://mms.dingtone.me/mmssvc/images2/logo_new.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20. Message: Mixed Content: The page at 'https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.' was loaded over HTTPS, but requested an insecure element 'http://mms.dingtone.me/mmssvc/images2/bnt_reply.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20. Message: Mixed Content: The page at 'https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.' was loaded over HTTPS, but requested an insecure element 'http://mms.dingtone.me/mmssvc/images2/bnt_download_en.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20. Message: Mixed Content: The page at 'https://ndl.dingtone.co/1/EMiJlf3?k=fRg%20.' was loaded over HTTPS, but requested an insecure element 'http://mms.dingtone.me/mmssvc/images2/bnt_download.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ndl.dingtone.co/d6/32/145138331742291/17579718173_12067121581_36272342528_1?AWSAccessKeyId=AKIAJ2NPL4QHKRNJLJVQ&Expires=2147483647&Signature=vrG29wfRg%20.lOyBk9%2FTbh%2FWccHRtk%3D Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mms.dingtone.me
ndl.dingtone.co
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
2600:9000:223c:9c00:6:817b:2180:93a1
2600:9000:2251:d600:1f:a6e4:f5c0:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2008
2a00:1450:400c:c06::9b
092837c7645a1617ae55d32c3b92fede5777d4ccd20a7bf795a498fbe81d7b63
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
19d82d69972321abad490579c6cd2447179d3612e287459b39e12a4fff532090
7770148efb2e24bb977018283b878866710ef72d5ac150533547909d8d800a1b
871dfd9fe4e33cdb59c686866fa6bdbe23cdff1b36d864e891ad208b4ac7ebbd
956a1c501ffaa2a23938ef80da7ed729387ceeb92e1b9b691b3a7013c8ece94d
992c6e009685da4ddda9f402794482c1f152a45885b792994ba9e02a1e3f1865
b20421d136533287c60efb4be0c09bec1ddf59e650daa1bf2d3ad9fb0db939e6
c9731ca5afd094a2074b3170a63e96665ae3cd4148e1ef91b7f6a00b5d1e1013
cdc1772fc53c5ad31ed2f9e4fed1770ef67f10454a8629379183b873f4d599d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ndl.dingtone.co Open in urlscan Pro 2600:9000:223c:9c00:6:817b:2180:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

4 IPs

3 Countries

179 kBTransfer

204 kBSize

5 Cookies

3 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

5 Cookies

5 Console Messages

Indicators

ndl.dingtone.co Open in urlscan Pro
2600:9000:223c:9c00:6:817b:2180:93a1 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

179 kB
Transfer

204 kB
Size

5
Cookies

12 HTTP transactions
0 data transactions