Submitted URL: http://subscribe.newsletter2go.amxe.net/pnkqeksz-sig69j8k-ptgr92k2-x5y
Effective URL: https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Submission: On September 24 via manual from PH — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 195.201.106.121, located in Germany and belongs to HETZNER-AS, DE. The main domain is subscribe.newsletter2go.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 31st 2020. Valid for: 2 years.
This is the only time subscribe.newsletter2go.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.133.127.169 24940 (HETZNER-AS)
1 5 195.201.106.121 24940 (HETZNER-AS)
1 3 94.130.193.196 24940 (HETZNER-AS)
1 104.18.169.67 13335 (CLOUDFLAR...)
7 3
Domain Requested by
3 subscribe.newsletter2go.com subscribe.newsletter2go.com
3 api.newsletter2go.com 1 redirects static.newsletter2go.com
2 static.newsletter2go.com 1 redirects subscribe.newsletter2go.com
1 files.newsletter2go.com subscribe.newsletter2go.com
1 subscribe.newsletter2go.amxe.net 1 redirects
7 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.newsletter2go.com | RapidSSL TLS RSA CA G1 | 2020-05-31 - 2022-05-31 | 2 years
newsletter2go.com | Cloudflare Inc ECC CA-3 | 2021-07-04 - 2022-07-03 | a year

This page contains 1 frame:

Primary Page: https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Frame ID: 694CEE90CA94DEB34BA973DA208A1CC4
Requests: 6 HTTP requests in this frame

Page Title

Anmeldeformulare

Page Statistics

7 Requests
100 % HTTPS
0 % IPv6
2 Domains
5 Subdomains
3 IPs
2 Countries
97 kB Transfer
434 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://subscribe.newsletter2go.amxe.net/pnkqeksz-sig69j8k-ptgr92k2-x5y HTTP 302
    https://static.newsletter2go.com/index.php?n2g=pnkqeksz-sig69j8k-ptgr92k2-x5y HTTP 302
    https://api.newsletter2go.com/newsletters/click/pnkqeksz-sig69j8k-ptgr92k2-x5y HTTP 302
    https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
subscribe.newsletter2go.com/
Redirect Chain
  • http://subscribe.newsletter2go.amxe.net/pnkqeksz-sig69j8k-ptgr92k2-x5y
  • https://static.newsletter2go.com/index.php?n2g=pnkqeksz-sig69j8k-ptgr92k2-x5y
  • https://api.newsletter2go.com/newsletters/click/pnkqeksz-sig69j8k-ptgr92k2-x5y
  • https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
2 KB
1 KB
Document
General
Full URL
https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.106.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.106.201.195.clients.your-server.de
Software
nginx /
Resource Hash
2a5a19308a4101031c26667a5d69eb676ec5abee7f268236f115524c122b461e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
subscribe.newsletter2go.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 24 Sep 2021 06:38:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Last-Modified
Tue, 27 Oct 2020 13:25:44 GMT
ETag
W/"5f981fd8-9f1"
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1
X-Upstream
136.243.111.209:8205
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 24 Sep 2021 06:32:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://subscribe.newsletter2go.com?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
Pragma
no-cache
Cache-Control
no-cache
X-Upstream
138.201.59.183:8200
styles.css
subscribe.newsletter2go.com/css/
366 KB
59 KB
Stylesheet
General
Full URL
https://subscribe.newsletter2go.com/css/styles.css
Requested by
Host: subscribe.newsletter2go.com
URL: https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.106.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.106.201.195.clients.your-server.de
Software
nginx /
Resource Hash
ecde2c96f0dc3068a2fd46ec1361d9f1cd94de41d5ef72c1f9a8b7c1f3dbbb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
subscribe.newsletter2go.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Connection
keep-alive

Response headers

Date
Fri, 24 Sep 2021 06:38:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Oct 2020 11:31:20 GMT
Server
nginx
ETag
W/"5f980508-5b940"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
X-Upstream
138.201.29.81:8205
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
X-XSS-Protection
1
utils.js
static.newsletter2go.com/
24 KB
7 KB
Script
General
Full URL
https://static.newsletter2go.com/utils.js
Requested by
Host: subscribe.newsletter2go.com
URL: https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.106.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.106.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9e42fa15a0cd79a9082c0fc82192b1aed32f106d696b18ef408074ee4be4a4b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscribe.newsletter2go.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Sep 2021 06:38:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept-Encoding
X-Fpm
default
Content-Type
application/javascript
X-Upstream
195.201.106.121:8207
Cache-Control
no-cache
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1
proximanova-regular.woff
subscribe.newsletter2go.com/fonts/
26 KB
26 KB
Font
General
Full URL
https://subscribe.newsletter2go.com/fonts/proximanova-regular.woff
Requested by
Host: subscribe.newsletter2go.com
URL: https://subscribe.newsletter2go.com/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.201.106.121 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.121.106.201.195.clients.your-server.de
Software
nginx /
Resource Hash
1d33041f181843139dfb90c760ced6e140b4b4975ef1422fce877def6fd06653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://subscribe.newsletter2go.com
Accept-Encoding
gzip, deflate, br
Host
subscribe.newsletter2go.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://subscribe.newsletter2go.com/css/styles.css
Connection
keep-alive

Response headers

Date
Fri, 24 Sep 2021 06:38:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Jan 2021 14:27:26 GMT
Server
nginx
ETag
"6011784e-6874"
Strict-Transport-Security
max-age=31536000
Content-Type
application/font-woff
X-Upstream
195.201.106.121:8205
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26740
X-XSS-Protection
1
loader.svg
files.newsletter2go.com/thumbs/
1 KB
986 B
Image
General
Full URL
https://files.newsletter2go.com/thumbs/loader.svg
Requested by
Host: subscribe.newsletter2go.com
URL: https://subscribe.newsletter2go.com/?nlid=v2wulefr&n2g=pnkqeksz-tzf3y5f7-f1s8kc5z-woc&n2g_state=doi_expired
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.169.67 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5805ff6111976080c2c6a0212e67017fe2179fdb63d1bc23d1696ce3ee902ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://subscribe.newsletter2go.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 06:32:48 GMT
via
1.1 varnish (Varnish/6.4)
x-content-type-options
nosniff
cf-cache-status
HIT
age
3771
cf-ray
6939fa462eaf2163-DUS
content-encoding
br
x-xss-protection
1
last-modified
Thu, 02 Apr 2020 02:35:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4ac918f7d6c25f68c4dc1414129814fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-varnish
7768157 11507972
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
content-type
image/svg+xml
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Fri, 24 Sep 2021 10:32:48 GMT
pnkqeksz-tzf3y5f7-f1s8kc5z-woc
api.newsletter2go.com/forms/generate/
14 KB
2 KB
XHR
General
Full URL
https://api.newsletter2go.com/forms/generate/pnkqeksz-tzf3y5f7-f1s8kc5z-woc?type=subscribe
Requested by
Host: static.newsletter2go.com
URL: https://static.newsletter2go.com/utils.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.193.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.193.130.94.clients.your-server.de
Software
nginx /
Resource Hash
90d7c09ecb2d7e916d2c7eae48a6644427426d7cf09f8c305cf1e6cb0f1dd29e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://subscribe.newsletter2go.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

Date
Fri, 24 Sep 2021 06:32:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS,TRACE
Connection
keep-alive
X-XSS-Protection
1
pragma
no-cache
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
application/json
X-Upstream
88.99.90.166:8200
Cache-Control
no-cache
Access-Control-Allow-Headers
authorization, Content-Type, N2G-Client
expires
-1
pnkqeksz-tzf3y5f7-f1s8kc5z-woc
api.newsletter2go.com/forms/generate/
0
0
Preflight
General
Full URL
https://api.newsletter2go.com/forms/generate/pnkqeksz-tzf3y5f7-f1s8kc5z-woc?type=subscribe
Protocol
HTTP/1.1
Server
94.130.193.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.193.130.94.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://subscribe.newsletter2go.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Fri, 24 Sep 2021 06:32:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Cache-Control
no-cache
pragma
no-cache
expires
-1
Access-Control-Max-Age
86400
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
authorization, Content-Type, N2G-Client
Access-Control-Allow-Methods
GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS,TRACE
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
X-Upstream
78.46.91.231:8200
Content-Encoding
gzip

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| config
string| Newsletter2GoTrackingObject
function| n2g
object| utilToUse

1 Cookies

Domain/Path Name / Value
static.newsletter2go.com/ Name: n2g
Value: pnkqeksz-sig69j8k-ptgr92k2-x5y

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1