urlscan.io logo urlscan.io
SecurityTrails logo

vochtbestrijding-offerte.be Open in urlscan Pro
37.97.144.64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://infor.icsitec.com/aim?f=cv78vbaOTGjZrazxGU4fx5jQyHnl3nQ4YtyajsY3+tGFVVKWDWWMIawZ2qCjINZBVM6/YyQdac14QodGCWPsFlyJzM...
Effective URL: https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011
Submission: On July 18 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 3 countries across 5 domains to perform 2 HTTP transactions. The main IP is 37.97.144.64, located in Netherlands and belongs to TRANSIP-AS Amsterdam, the Netherlands, NL. The main domain is vochtbestrijding-offerte.be.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 12th 2019. Valid for: 3 months.
This is the only time vochtbestrijding-offerte.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 217.116.16.235 16371 (ACENS_AS ...)
1 2 217.116.16.234 16371 (ACENS_AS ...)
1 1 52.30.52.254 16509 (AMAZON-02)
1 37.97.144.64 20857 (TRANSIP-A...)
2 2
2    217.116.16.235 (Spain)

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-235.redes.acens.net
infor.icsitec.com
din1.bestplan.es
2    217.116.16.234 (Spain)

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-234.redes.acens.net
lot.neatpowr.com
1    52.30.52.254 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-52-254.eu-west-1.compute.amazonaws.com
loudingads.go2cloud.org
1    37.97.144.64 (Netherlands)

ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
PTR: 37-97-144-64.colo.transip.net
vochtbestrijding-offerte.be
Apex Domain
Subdomains		 Transfer
2 neatpowr.com
lot.neatpowr.com
867 B
1 vochtbestrijding-offerte.be
vochtbestrijding-offerte.be
1 go2cloud.org
loudingads.go2cloud.org
2 KB
1 bestplan.es
din1.bestplan.es
831 B
1 icsitec.com
infor.icsitec.com
777 B
2 5
Domain Requested by
2 lot.neatpowr.com 1 redirects
1 vochtbestrijding-offerte.be
1 loudingads.go2cloud.org 1 redirects
1 din1.bestplan.es 1 redirects
1 infor.icsitec.com 1 redirects
2 5

This site contains no links.

Subject Issuer Validity Valid
vochtbestrijding-offerte.be
Let's Encrypt Authority X3		 2019-06-12 -
2019-09-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011
Frame ID: 4D2E755C20B9724914BC6DFD69AB218C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://loudingads.go2cloud.org/aff_c?offer_id=80&aff_id=1011&file_id=1193&aff_sub=may&aff_sub2=B7A016537D42... HTTP 302
    https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

2
IPs

3
Countries

0 kB
Transfer

64 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://loudingads.go2cloud.org/aff_c?offer_id=80&aff_id=1011&file_id=1193&aff_sub=may&aff_sub2=B7A016537D424DB241813F55A2B136DE HTTP 302
    https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://infor.icsitec.com/aim?f=cv78vbaOTGjZrazxGU4fx5jQyHnl3nQ4YtyajsY3+tGFVVKWDWWMIawZ2qCjINZBVM6/YyQdac14QodGCWPsFlyJzMAML7S+c8/tovP6o4FMh3cUI8wF0qoGpePZZTH+/vnb/0KVmeJg0w/cUrsG8it0x1FdGk2NWvP7V2fTYWwDnUZahTXVk9I/UFtpCXysbyss6JOC48BwF6oPPsSY0CylGu3Aa7EENKLeDKUjELF1eRig7VqcgXc1onGKew7QnXqe2fHNnSOmqPF5xPnUZLT7uy1w4BWISFBQBbdZbOA/YqEcS6WxSTPbuCxSUgtK3lYChsT4gjU/ZAh/jOKndx67DNGBKuskb8KX60YVKHCmSkDMUhTt6t263ky+mMvB3B2AvhxAL1Odr0uAgscNxAjypFgMfJtt/4xQWlgojZFoxC6j/WotxdoH+p3naPdWWlzfrIZl6JAZhBGbRwKk97PLBJcSl4Qz5Jm3FxxADpom2jMNVK2uJM0nsMQo/RN+EYI9Vi9ptb8ROqFSFCO4EhL8ElPzPJZ9OJegB2THNbLe5sQsbGT91vCNAnDEDtbxB5LvUj9od98PEIq9gFexZWhrlE3q7wCTOV2Vmq1o+r327DsffP8h+mcetcPRWW5sGyZJYFjgy81bugt6&hid=9 HTTP 302
  • http://din1.bestplan.es/sc.aspx?t=c&emailr=jose.vanimpe@gmail.com&urlr=http%3a%2f%2flot.neatpowr.com%2faff_c%3foffer_id%3d3931%26aff_id%3d1350%26file_id%3d9236%26url_id%3d16539%26idpers%3d3931%26idcal%3d417053%26aff_sub%3d2019-07-17%26aff_sub2%3df03c589a-9fb9-434d-a479-101a1d9beb42%26aff_sub3%3dUSA_LEO_RAC_E98_S17%40Gmail%40Belgica-Holanda%40infor.icsitec.com%4028929-20190717%40GMAIL.COM%26dominiop%3dinfor.icsitec.com0%26perm%3dAC%26sub_id6%3dAC%26ips%3dUSA_LEO_RAC_E98_S17%26sub_id8%3df03c589a-9fb9-434d-a479-101a1d9beb42%26dom%3dGmail%26sub_id7%3dGMAIL.COM%26idh%3d28929&idv=f03c589a-9fb9-434d-a479-101a1d9beb42 HTTP 302
  • http://lot.neatpowr.com/aff_c?offer_id=3931&aff_id=1350&file_id=9236&url_id=16539&idpers=3931&idcal=417053&aff_sub=2019-07-17&aff_sub2=f03c589a-9fb9-434d-a479-101a1d9beb42&aff_sub3=USA_LEO_RAC_E98_S17@Gmail@Belgica-Holanda@infor.icsitec.com@28929-20190717@GMAIL.COM&dominiop=infor.icsitec.com0&perm=AC&sub_id6=AC&ips=USA_LEO_RAC_E98_S17&sub_id8=f03c589a-9fb9-434d-a479-101a1d9beb42&dom=Gmail&sub_id7=GMAIL.COM&idh=28929 HTTP 302
  • http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
rd
lot.neatpowr.com/
Redirect Chain
  • http://infor.icsitec.com/aim?f=cv78vbaOTGjZrazxGU4fx5jQyHnl3nQ4YtyajsY3+tGFVVKWDWWMIawZ2qCjINZBVM6/YyQdac14QodGCWPsFlyJzMAML7S+c8/tovP6o4FMh3cUI8wF0qoGpePZZTH+/vnb/0KVmeJg0w/cUrsG8it0x1FdGk2NWvP7V2...
  • http://din1.bestplan.es/sc.aspx?t=c&emailr=jose.vanimpe@gmail.com&urlr=http%3a%2f%2flot.neatpowr.com%2faff_c%3foffer_id%3d3931%26aff_id%3d1350%26file_id%3d9236%26url_id%3d16539%26idpers%3d3931%26id...
  • http://lot.neatpowr.com/aff_c?offer_id=3931&aff_id=1350&file_id=9236&url_id=16539&idpers=3931&idcal=417053&aff_sub=2019-07-17&aff_sub2=f03c589a-9fb9-434d-a479-101a1d9beb42&aff_sub3=USA_LEO_RAC_E98_...
  • http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE
0
347 B 		Document
General
Check archive.org
Download Go to
Full URL
http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE
Protocol
HTTP/1.1
Server
217.116.16.234 , Spain, ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES),
Reverse DNS
217-116-16-234.redes.acens.net
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
lot.neatpowr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
p-data=trid=B7A016537D424DB241813F55A2B136DE&ds=19/07/2019
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html
Server
Microsoft-IIS/8.5
Refresh
0;URL=http://loudingads.go2cloud.org/aff_c?offer_id=80&aff_id=1011&file_id=1193&aff_sub=may&aff_sub2=B7A016537D424DB241813F55A2B136DE
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Thu, 18 Jul 2019 23:11:01 GMT
Content-Length
0

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Set-Cookie
p-data=trid=B7A016537D424DB241813F55A2B136DE&ds=19/07/2019; expires=Sun, 18-Aug-2019 23:11:02 GMT; path=/
X-Powered-By
ASP.NET
Date
Thu, 18 Jul 2019 23:11:01 GMT
Content-Length
5685
Primary Request Cookie set /
vochtbestrijding-offerte.be/
Redirect Chain
  • http://loudingads.go2cloud.org/aff_c?offer_id=80&aff_id=1011&file_id=1193&aff_sub=may&aff_sub2=B7A016537D424DB241813F55A2B136DE
  • https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011
64 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.97.144.64 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
37-97-144-64.colo.transip.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host
vochtbestrijding-offerte.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2floudingads.go2cloud.org%2faff_c%3foffer_id%3d80%26aff_id%3d1011%26file_id%3d1193%26aff_sub%3dmay%26aff_sub2%3dB7A016537D424DB241813F55A2B136DE

Response headers

Server
nginx/1.10.3 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Cache-Control
no-cache, private
Date
Thu, 18 Jul 2019 23:11:34 GMT
Set-Cookie
laravel_session=eyJpdiI6IkFHRGg0MlByNEVLd2Yrb1E2MkRkTkE9PSIsInZhbHVlIjoiNSt0dkV5NU82OHREYkxJRFJrcVIxeHVWV2Fzb0tRbENqM2k3R202SjFheUhuT1pUTXNrcEtOc0NTbXRkMW1ocUwzWXhYYktSVWh4NUdDMVlPdmRxeVE9PSIsIm1hYyI6ImQzNmNlZTA4MmM4MDkwMGQyNDFjZTc4OTQ3N2YxMzcyN2VkNDU0YjlkNDRiZTdkNTI3MmU5YWM1NmQxYWZlYWYifQ%3D%3D; expires=Fri, 19-Jul-2019 01:11:34 GMT; Max-Age=7200; path=/; HttpOnly
Content-Encoding
gzip

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 18 Jul 2019 23:11:33 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://vochtbestrijding-offerte.be/?utm_source=LoudingAds&utm_medium=cpl&utm_campaign=vbsBE&utm_term=1011
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx/1.13.12
Set-Cookie
enc_aff_session_80=ENC03c3ca472cc2beb47404b155d9309f7c5fe307fc6f7dde778e97fcf2df826a64ea8c5db8df88f74741e9175e13aec881c7456364a4a1754e5256a31bcc7d5bd0351672970494f327a5ef202dfad95ccc454501bdcf9319441b7a08d24afcf407d2927e658fee3ac360ef9543bce8e3bb2a5d9ad7f1d6a8e190360df736448a6eaf7363888b6a183ee0e431d9a05378dac2d56d4d2024ee2f4c6f2f6a74237fd734ca51d357032a2dc38579a4d57a30ad385e97b400cd7e91f11927a07807b69e00e96b8f5602d899875e3466816048d7cc42a720e5a8f7d9b4bd2604ff4e1ace5e1e6914c58f7ac0311a77ae8fd17ddacb94cacc37550feadc6ac204e0bd969e0a29f21ee9ebfdde62993f72959f0421721e4beedbff3ebac646536fb058163f3c2676d444; expires=Sun, 18 Aug 2019 23:11:33 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=; expires=Sun, 12 Jun 2022 09:51:33 GMT; path=/;
tracking_id
102c43ac450d4a0abf062404122155
X-Robots-Tag
noindex, nofollow
Content-Length
302
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
lot.neatpowr.com/ Name: p-data
Value: trid=B7A016537D424DB241813F55A2B136DE&ds=19/07/2019

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

din1.bestplan.es
infor.icsitec.com
lot.neatpowr.com
loudingads.go2cloud.org
vochtbestrijding-offerte.be
217.116.16.234
217.116.16.235
37.97.144.64
52.30.52.254
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855