Submitted URL: https://goldenendings.org/?VF85MDE2OV81NjU4ODQ5Ml9iRXdLdFAyTzN2YVh5SEtrRWZ3RGlTeGN0cU9nVXFWYWQ0WUZsdFJvU0p1RUpnWmt0V3MweWV...
Effective URL: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=648372a780a0a00001259101&aff_sub=4571_15...
Submission: On June 09 via api from CZ — Scanned from DE

Summary

This website contacted 1 IP in 6 countries across 7 domains to perform 1 HTTP transaction. The main IP is 52.16.200.194, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is mail.hodtd.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 9th 2023. Valid for: 10 months.
This is the only time mail.hodtd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.161.89.246 213230 (HETZNER-C...)
1 1 2a05:d014:286... 16509 (AMAZON-02)
1 1 45.141.159.22 206776 (INTERDEX-...)
1 1 34.120.192.135 396982 (GOOGLE-CL...)
1 1 35.233.96.203 396982 (GOOGLE-CL...)
1 1 34.147.37.248 396982 (GOOGLE-CL...)
1 52.16.200.194 16509 (AMAZON-02)
1 1
Apex Domain | Subdomains | Transfer
1 hodtd.com | mail.hodtd.com | 490 B
1 g2afse.com | clixscale.g2afse.com | 269 B
1 1to3.me | go.1to3.me | 440 B
1 atb4.me | go.atb4.me | 324 B
1 dl-fastload.com | dl-fastload.com | 3 KB
1 bemobtrcks.com | 3n5qo.bemobtrcks.com | 834 B
1 goldenendings.org | goldenendings.org | 386 B
1 7
Domain Requested by
1 mail.hodtd.com
1 clixscale.g2afse.com 1 redirects
1 go.1to3.me 1 redirects
1 go.atb4.me 1 redirects
1 dl-fastload.com 1 redirects
1 3n5qo.bemobtrcks.com 1 redirects
1 goldenendings.org 1 redirects
1 7

This site contains no links.

Subject | Issuer | Validity | Valid
mail.hodtd.com | Amazon RSA 2048 M01 | 2023-02-09 - 2023-12-16 | 10 months

This page contains 1 frame:

Primary Page: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=648372a780a0a00001259101&aff_sub=4571_153875
Frame ID: 0BAA99E4B7372E1CD1C4827FF38FD6EE
Requests: 1 HTTP request in this frame

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 14 %
Domains: 7
Subdomains: 7
IPs: 1
Countries: 6
Transfer: 0 kB
Size: 0 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request: aff_c | mail.hodtd.com/
Redirect Chain
  • https://goldenendings.org/?VF85MDE2OV81NjU4ODQ5Ml9iRXdLdFAyTzN2YVh5SEtrRWZ3RGlTeGN0cU9nVXFWYWQ0WUZsdFJvU0p1RUpnWmt0V3MweWVIRmFuZUxiZjlmdHpCcjhDemViNzhwSjhrNDNlb0lIVkF3OFRJd2xPQ1I2eDU5WmZieVFJb3cwZ2...
  • https://3n5qo.bemobtrcks.com/go/bf2eb990-a840-44eb-be4d-46beb8b04ef3?mailer_id=1&email_id=56588492&drop_id=90169
  • https://dl-fastload.com/?a=153875&c=309733&mt=3&s1=1&s2=EV9GSkMRZAgitZz3DhjwQi&s2=EV9GSkMRZAgitZz3DhjwQi
  • https://go.atb4.me/4571/5273/?clickid=31d48af21164468f98c18e03961346781d23a&pub=153875&sub_pub_id=1&fbid=
  • https://go.1to3.me/sl?id=624d57ac7dbfd0f4dadecb91&pid=3&sub1=4571&sub2=&sub3=153875&sub4=1&sub5=31d48af21164468f98c18e03961346781d23a&sub6=ClickDealer&sub7=&sub8=&ref_id=31d48af21164468f98c18e03961...
  • https://clixscale.g2afse.com/sl?id=624d57ac7dbfd0f4dadecb91&pid=3&ref_id=31d48af21164468f98c18e03961346781d23a_4571&sub1=4571&sub2=&sub3=153875&sub4=1&sub5=31d48af21164468f98c18e03961346781d23a&sub...
  • https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=648372a780a0a00001259101&aff_sub=4571_153875
Size: 0 | x-fer: 490 B | Type: Document
General
Full URL: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=648372a780a0a00001259101&aff_sub=4571_153875
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.200.194 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-52-16-200-194.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 09 Jun 2023 18:42:47 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
X-Request-Id: 40e1146c401e7b069b32f718ac2404c2

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Fri, 09 Jun 2023 18:42:47 GMT
location: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=648372a780a0a00001259101&aff_sub=4571_153875
server: nginx
x-adjust-use-original-forwarded-for: 1

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend

16 Cookies


Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
