Submitted URL: https://goldenendings.org/?VF85MTA0MF81Njc1NTM5Ml80dGhWN3E4Nkc2VmlSMVdmdGgzTXBSS0RlVE9QQk10M2l2cnloYmdjM1hDS0lYVURmR1o3WUt...
Effective URL: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=6496597b1b0b600001870d03&aff_sub=4571_15...
Submission: On June 24 via api from BE — Scanned from DE

Summary

This website contacted 1 IP in 6 countries across 7 domains to perform 1 HTTP transaction. The main IP is 52.16.200.194, located in Dublin, Ireland, and belongs to AMAZON-02, US. The main domain is mail.hodtd.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 9th 2023. Valid for: 10 months.
This is the only time mail.hodtd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.161.89.246 213230 (HETZNER-C...)
1 1 2a05:d014:286... 16509 (AMAZON-02)
1 1 45.141.159.22 206776 (INTERDEX-...)
1 1 34.120.192.135 396982 (GOOGLE-CL...)
1 1 35.233.96.203 396982 (GOOGLE-CL...)
1 1 35.204.226.246 396982 (GOOGLE-CL...)
1 52.16.200.194 16509 (AMAZON-02)
1 1
Apex Domain | Subdomains | Transfer
1 hodtd.com | mail.hodtd.com | 490 B
1 g2afse.com | clixscale.g2afse.com | 270 B
1 1to3.me | go.1to3.me | 440 B
1 atb4.me | go.atb4.me | 324 B
1 dl-fastload.com | dl-fastload.com | 3 KB
1 bemobtrcks.com | 3n5qo.bemobtrcks.com | 833 B
1 goldenendings.org | goldenendings.org | 386 B
1 7
Domain Requested by
1 mail.hodtd.com
1 clixscale.g2afse.com 1 redirects
1 go.1to3.me 1 redirects
1 go.atb4.me 1 redirects
1 dl-fastload.com 1 redirects
1 3n5qo.bemobtrcks.com 1 redirects
1 goldenendings.org 1 redirects
1 7

This site contains no links.

Subject | Issuer | Validity | Valid
mail.hodtd.com | Amazon RSA 2048 M01 | 2023-02-09 - 2023-12-16 | 10 months

This page contains 1 frame:

Primary Page: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=6496597b1b0b600001870d03&aff_sub=4571_153875
Frame ID: 46B4224430D88A8603E67509C0107A72
Requests: 1 HTTP request in this frame


Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 14 %
Domains: 7
Subdomains: 7
IPs: 1
Countries: 6
Transfer: 0 kB
Size: 0 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request aff_c
Path: mail.hodtd.com/
Size: 0
x-fer: 490 B
Type / MIME-Type: Document
Redirect Chain
  • https://goldenendings.org/?VF85MTA0MF81Njc1NTM5Ml80dGhWN3E4Nkc2VmlSMVdmdGgzTXBSS0RlVE9QQk10M2l2cnloYmdjM1hDS0lYVURmR1o3WUtERG9wWFNQbElVdDg0VnRqcDlDdGdsZUdLMGpsV1Z6UFVZVTNtTGZoS0RWd0RhTTNhMVB6ZTF2OX...
  • https://3n5qo.bemobtrcks.com/go/bf2eb990-a840-44eb-be4d-46beb8b04ef3?mailer_id=1&email_id=56755392&drop_id=91040
  • https://dl-fastload.com/?a=153875&c=309733&mt=3&s1=1&s2=KkQjZfYA4XtE3awviLLKEx&s2=KkQjZfYA4XtE3awviLLKEx
  • https://go.atb4.me/4571/5273/?clickid=6354dad328c945139bd801174b0ed52f1d23a&pub=153875&sub_pub_id=1&fbid=
  • https://go.1to3.me/sl?id=624d57ac7dbfd0f4dadecb91&pid=3&sub1=4571&sub2=&sub3=153875&sub4=1&sub5=6354dad328c945139bd801174b0ed52f1d23a&sub6=ClickDealer&sub7=&sub8=&ref_id=6354dad328c945139bd801174b0...
  • https://clixscale.g2afse.com/sl?id=624d57ac7dbfd0f4dadecb91&pid=3&ref_id=6354dad328c945139bd801174b0ed52f1d23a_4571&sub1=4571&sub2=&sub3=153875&sub4=1&sub5=6354dad328c945139bd801174b0ed52f1d23a&sub...
  • https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=6496597b1b0b600001870d03&aff_sub=4571_153875
General
Full URL: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=6496597b1b0b600001870d03&aff_sub=4571_153875
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.200.194 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-52-16-200-194.eu-west-1.compute.amazonaws.com
Software: nginx
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: Tune-SDK-Version
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sat, 24 Jun 2023 02:48:27 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Server: nginx
X-Request-Id: 034724cf75a7e04e40a3afdc50222c76

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Sat, 24 Jun 2023 02:48:27 GMT
location: https://mail.hodtd.com/aff_c?offer_id=16118&aff_id=14073&url_id=24585&aff_sub2=6496597b1b0b600001870d03&aff_sub=4571_153875
server: nginx
x-adjust-use-original-forwarded-for: 1


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend

16 Cookies

Domain/Path Name / Value
.3n5qo.bemobtrcks.com/ Name: bemob-uniq-visit:bf2eb990-a840-44eb-be4d-46beb8b04ef3
Value: 1
.3n5qo.bemobtrcks.com/ Name: bemob-rotation:bf2eb990-a840-44eb-be4d-46beb8b04ef3:random:0fa968d1fc1e9d77d43bf41f903d0728
Value: 0-0-0
.3n5qo.bemobtrcks.com/ Name: bemob-click-id
Value: KkQjZfYA4XtE3awviLLKEx
.dl-fastload.com/ Name: gdm_suid_v2_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.dl-fastload.com/ Name: gdm_sid_v2_3_001
.dl-fastload.com/ Name: gdm_click_adv_freq_v2_1_001
Value: LXoH7hSU3RaqOWMG4iZ2HlkUs0/bvP1fW5Qo7PL2QVPdbPGZEAyR4Gy+8A06K3Ye
.dl-fastload.com/ Name: gdm_sid_v1_3_001
.dl-fastload.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
.dl-fastload.com/ Name: gdm_click_adv_freq_v1_1_001
Value: LXoH7hSU3RaqOWMG4iZ2HlkUs0/bvP1fW5Qo7PL2QVPdbPGZEAyR4Gy+8A06K3Ye
.dl-fastload.com/ Name: gdm_click_freq_v1_1_001
Value: i2GVA43KzZkgNfjdJluYbdCNb/0w/G9zeXshy2j7ueH3607r0oGAnv5TqZd/OL+i
.dl-fastload.com/ Name: gdm_uid_v2_1_001
Value: lUilCpskrjP7+I8JnZGA6gVdoWPPA3i8V2lTV+2SBmZHtt52lOlfy84HkyCflvdi
.dl-fastload.com/ Name: gdm_click_freq_v2_1_001
Value: i2GVA43KzZkgNfjdJluYbdCNb/0w/G9zeXshy2j7ueH3607r0oGAnv5TqZd/OL+i
.dl-fastload.com/ Name: gdm_uid_v1_1_001
Value: lUilCpskrjP7+I8JnZGA6gVdoWPPA3i8V2lTV+2SBmZHtt52lOlfy84HkyCflvdi
go.1to3.me/ Name: b89ba34a4f8d3e5687a16a92e519083a
Value: 1
clixscale.g2afse.com/ Name: afclick
Value: 6496597b1b0b600001870d03
mail.hodtd.com/ Name: aff_ran_url_16118
Value: 24585

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
