Submitted URL: https://laps-kt.z9uq.in/ga/click/2-132665274-14290-6582-12680-8296-0f69f1f899-4b478b21d4
Effective URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Submission: On June 12 via manual from RO — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is spanish.ud4l.in.
TLS certificate: Issued by E1 on May 2nd 2023. Valid for: 3 months.
This is the only time spanish.ud4l.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         2606:4700:303...   13335 (CLOUDFLAR...)
3         2a06:98c1:312...   13335 (CLOUDFLAR...)
7         193.105.134.192    42237 (W1N)
1         2606:4700::68...   13335 (CLOUDFLAR...)
4         2606:4700::68...   13335 (CLOUDFLAR...)
1         2a00:1450:400...   15169 (GOOGLE)
1         2606:4700:20:...   13335 (CLOUDFLAR...)
1         2001:4860:480...   15169 (GOOGLE)
Totals: 18 requests, 7 IPs
Requests  Apex Domain      Subdomains                                                                                               Transfer
7         hillsnature.com  hillsnature.com                                                                                          400 KB
5         wonderpush.com   cdn.by.wonderpush.com (Cisco Umbrella Rank: 39480); measurements-api.wonderpush.com (Cisco Umbrella Rank: 34335)  122 KB
3         ud4l.in          spanish.ud4l.in                                                                                          5 KB
1         geojs.io         get.geojs.io (Cisco Umbrella Rank: 16407)                                                                840 B
1         googleapis.com   fonts.googleapis.com (Cisco Umbrella Rank: 67)                                                           1 KB
1         cloudflare.com   cdnjs.cloudflare.com (Cisco Umbrella Rank: 263)                                                          6 KB
1         z9uq.in          laps-kt.z9uq.in                                                                                          694 B
Totals: 18 requests, 7 apex domains
Requests  Domain                           Requested by
7         hillsnature.com                  spanish.ud4l.in
4         cdn.by.wonderpush.com            spanish.ud4l.in, cdn.by.wonderpush.com
3         spanish.ud4l.in                  spanish.ud4l.in
1         measurements-api.wonderpush.com  cdn.by.wonderpush.com
1         get.geojs.io                     cdn.by.wonderpush.com
1         fonts.googleapis.com             hillsnature.com
1         cdnjs.cloudflare.com             spanish.ud4l.in
1         laps-kt.z9uq.in                  (1 redirect)
Totals: 18 requests, 8 subdomains

This site contains no links.

Subject                          Issuer                   Validity                 Valid     Lookup
ud4l.in                          E1                       2023-05-02 - 2023-07-31  3 months  crt.sh
hillsnature.com                  R3                       2023-04-21 - 2023-07-20  3 months  crt.sh
sni.cloudflaressl.com            Cloudflare Inc ECC CA-3  2022-08-03 - 2023-08-02  a year    crt.sh
*.by.wonderpush.com              GTS CA 1P5               2023-04-11 - 2023-07-05  3 months  crt.sh
upload.video.google.com          GTS CA 1C3               2023-05-19 - 2023-08-11  3 months  crt.sh
measurements-api.wonderpush.com  GTS CA 1D4               2023-06-06 - 2023-09-04  3 months  crt.sh

This page contains 1 frames:

Primary Page: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Frame ID: 94756F458E7CEE75BD789B16E6DEE16B
Requests: 18 HTTP requests in this frame

Screenshot

Page Title

Free Delivery

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://laps-kt.z9uq.in/ga/click/2-132665274-14290-6582-12680-8296-0f69f1f899-4b478b21d4 HTTP 302
    https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
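
The four pattern sets above are the fingerprinting regexes behind the "Detected technologies" verdicts. As an added example (not part of the urlscan.io report), the following Python applies those patterns, copied verbatim, to an HTML head constructed from the stylesheet and script URLs this scan recorded (Bootstrap, animate.css and jQuery from hillsnature.com; Font Awesome from cdnjs). The `detect` helper and the `SAMPLE_HTML` fragment are this example's own. The practical caveat it shows: these are filename matches, so a version is reported only when the path carries one (cdnjs does, the hillsnature.com copies do not), and a renamed or vendored file evades detection entirely.

```python
import re

# Patterns copied verbatim from the "Detected patterns" section of this report.
# Every pattern has exactly one capturing group, which (if it matches) holds a version.
PATTERNS = {
    "Bootstrap": [
        r"<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css",
        r"bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js",
    ],
    "animate.css": [
        r"<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css",
    ],
    "Font Awesome": [
        r"<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css",
        r"<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
        r"(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)",
    ],
    "jQuery": [
        r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?",
    ],
}

# Constructed HTML head, assembled from the asset URLs listed in this scan's transactions.
SAMPLE_HTML = """<head>
<link rel="stylesheet" href="https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/bootstrap.min.css">
<link rel="stylesheet" href="https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/animate.css">
<link rel="stylesheet" href="https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/custom.css">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
<script src="https://hillsnature.com/eml/US-Cook-Win-JUN080623/js/jquery.min.js"></script>
<script src="https://hillsnature.com/eml/US-Cook-Win-JUN080623/js/bootstrap.min.js"></script>
<script src="https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js" async></script>
</head>"""


def detect(html):
    """Return {technology: version-or-None} for every pattern set that matches.

    All patterns of a set are tried; a bare match counts as a detection, and the
    first pattern that captures a version string supplies the version.
    """
    found = {}
    for name, patterns in PATTERNS.items():
        for pattern in patterns:
            for m in re.finditer(pattern, html):
                version = m.group(1)
                if name not in found or (found[name] is None and version):
                    found[name] = version
    return found


if __name__ == "__main__":
    for tech, version in detect(SAMPLE_HTML).items():
        print(f"{tech}: {version or 'version not in path'}")
```

On the constructed head this reports Bootstrap, animate.css and jQuery with no version and Font Awesome as 4.7.0, matching the report; renaming bootstrap.min.css to bs.min.css on the hosting server would drop the Bootstrap detection, which is why these fingerprints are a hint about the kit, not evidence.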

Page Statistics

18
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

536 kB
Transfer

965 kB
Size

0
Cookies


Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: catalin.timerman%40unicredit.ro | spanish.ud4l.in/UK_BvNvNA_83/ | 10 KB | 4 KB | Document
Redirect Chain
  • https://laps-kt.z9uq.in/ga/click/2-132665274-14290-6582-12680-8296-0f69f1f899-4b478b21d4
  • https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
General
Full URL
https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
f48ab74c770df5b2c10fb2f148090803abe9535c0598ec033f9b88c928aafb2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d61efa8592104a3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 12:00:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmFQFJtb%2F6CnJ4BNhMD5jfE%2FSdxn9yxToa16W2aIm%2FDiskat1gi5N2YAWIER9DAnx7yvp5FWVhtNxdwIBaigFCFLMFskBhC86MRUZ04%2F%2FzzeZfFNbF53hJ85jNW%2B%2BZkyz%2BnIc2x%2BsY%2FsPPflH3A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d61efa49b4a18d3-FRA
content-type
text/html; charset=utf-8
date
Mon, 12 Jun 2023 12:00:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41GPfXfejrhiILCMibXa5m%2FfUtIKMMQmL%2F%2BPfrWVdXHilNHejT8jUbTGvQwr1NqHRONznE0M0vxYiAr6c4gW%2BiWtAtGTO4sNL8SxhVMRL6BGnD6xLybdSY7Ls%2BF%2BjUEf7EfKQ9SL%2FVKAzYgruZk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
302 Found
x-powered-by
Phusion Passenger 6.0.4
x-rack-cache
miss
x-request-id
31d9a6138ca769a807e43b75b9211151
x-runtime
0.063022
x-ua-compatible
IE=Edge,chrome=1
bootstrap.min.css | hillsnature.com/eml/US-Cook-Win-JUN080623/css/ | 119 KB | 119 KB | Stylesheet
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/bootstrap.min.css
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:38 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"1da71-5fd9accc54eb8"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
121457
animate.css | hillsnature.com/eml/US-Cook-Win-JUN080623/css/ | 56 KB | 56 KB | Stylesheet
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/animate.css
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:38 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"df07-5fd9accc54ad0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
57095
custom.css | hillsnature.com/eml/US-Cook-Win-JUN080623/css/ | 21 KB | 21 KB | Stylesheet
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/custom.css
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
19e77290e8414351fc08ca2cc70c2f0b50435542bac4146bc12274db3b387e6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:38 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"52b9-5fd9accc552a0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21177
font-awesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ | 30 KB | 6 KB | Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:00:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
233726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amHpOzR%2Bi6lYZ2RSVImS0fL8ShCPVP0F%2Ft3hTfIG48vp8BpRjn51Y3UvL0%2FWBywE81C8ZdWNOPIEytba8U5T8ddYND8BPx1wA83zyXqtjF4isk7oUCUC736XLBjB%2FRzczr476t5%2FT6YTMwe0OHCLc2Es"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d61efaca9689262-FRA
expires
Sat, 01 Jun 2024 12:00:55 GMT
wonderpush-loader.min.js | cdn.by.wonderpush.com/sdk/1.1/ | 2 KB | 1 KB | Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33d71b2b205574408d5bf49584f2dca1fac505388cfd277d2d96525f9ddd35f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:00:57 GMT
content-encoding
gzip
via
1.1 6a29b506c0dc975f5344fdc44215aa70.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
CDG50-P1
age
2640
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
870
last-modified
Wed, 31 May 2023 17:11:08 GMT
server
cloudflare
etag
"a7e7015402fee6725154444b9527ed98ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7d61efb6c8df3722-FRA
x-amz-cf-id
64XEL82Yhj2nBQfxMwKNxfLqSOvep_HzejEzXiuBv2pHVONsxNQMTw==
logo.svg | hillsnature.com/eml/US-Cook-Win-JUN080623/img/ | 2 KB | 2 KB | Image
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/img/logo.svg
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
f278a4edc92d1df4d7bd92ffb15cff139a44f74558b8a031506ac0b43a4ece54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:39 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"6cb-5fd9accc55a70"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1739
prd.jpg | hillsnature.com/eml/US-Cook-Win-JUN080623/img/ | 75 KB | 75 KB | Image
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/img/prd.jpg
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
9883c5059799599e95c441cb3935f5bb6847e4143c392a3e12c9874394a94a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:41 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"12bd2-5fd9accc56240"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
76754
lander_lp | spanish.ud4l.in/ | 0 | 472 B | Image
General
Full URL
https://spanish.ud4l.in/lander_lp?lp=UK_BvNvNA_83/catalin.timerman@unicredit.ro&p=rm-xyJ1Uc1VhZYZji1uhopdSbW9ykXJUZVWlnLFjmVtqbFVcVbWqw1tsW2lka4Rxl55rnWxilIZ5kmpkclWt
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:00:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HwlLxB99oSAqFhaWJix9IHpUtqn%2BTIc%2BQPtwKs5mkFYFgy6VVRcFwNamWwCkVlOeia4UNKpyao65%2F2dwVXbPaO63c%2F2PNhvUkAm4dpjFCj%2F%2BRrxobnj9dNpwmBiHwaSpPuzAoyM1CwLLWB8Kfw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7d61efb68cc837f1-FRA
alt-svc
h3=":443"; ma=86400
email-decode.min.js | spanish.ud4l.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script
General
Full URL
https://spanish.ud4l.in/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jun 2023 11:54:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"647f1e6b-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNt8eAvs60fluTxpmrDR8uCVhRcl1m5fi%2FAn1xSqBz2%2FPPdTWNfRWzwJXC%2FyIW2WEQeIsP2L7gFL39Ur0KMVG%2Bipw6shihBvm4HLTmuaQ03MKZY6dzkM6JJFwXlXuY0ZoFHLNclTo%2Fc5seapYsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7d61efb259b104a3-FRA
expires
Wed, 14 Jun 2023 12:00:56 GMT
jquery.min.js | hillsnature.com/eml/US-Cook-Win-JUN080623/js/ | 88 KB | 88 KB | Script
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/js/jquery.min.js
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:39 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"15ec3-5fd9accc579b0"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
89795
bootstrap.min.js | hillsnature.com/eml/US-Cook-Win-JUN080623/js/ | 39 KB | 39 KB | Script
General
Full URL
https://hillsnature.com/eml/US-Cook-Win-JUN080623/js/bootstrap.min.js
Requested by
Host: spanish.ud4l.in
URL: https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.105.134.192 Stockholm, Sweden, ASN42237 (W1N, GB),
Reverse DNS
tank.mark-arrow.club
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33 /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 12:00:39 GMT
Last-Modified
Thu, 08 Jun 2023 09:23:05 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
ETag
"9b00-5fd9accc56df8"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39680
css | fonts.googleapis.com/ | 28 KB | 1 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900
Requested by
Host: hillsnature.com
URL: https://hillsnature.com/eml/US-Cook-Win-JUN080623/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
feb982ed310dec43a5f59c2fd516884fcff7bfca25b1be20e3423e77408b3ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hillsnature.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 12:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 12:00:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 12:00:56 GMT
wonderpush.min.js | cdn.by.wonderpush.com/sdk/1.1.33.33/ | 490 KB | 118 KB | Script
General
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.33/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1266137550101b1e4b6cd74c26d45358adc17f6654431a229c427c15216cc582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:01:00 GMT
content-encoding
gzip
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P2
age
1018180
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
120032
last-modified
Wed, 31 May 2023 17:11:04 GMT
server
cloudflare
etag
"c780915fa11e08eae756f05740ea5518ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7d61efcace733722-FRA
x-amz-cf-id
Cb8IB4DsOJVyeN4ZHgTzgKuJCWbSSk6JwpZWoekff9mYhjgsdDfG-w==
41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0 | cdn.by.wonderpush.com/config/webkeys/ | 2 KB | 1 KB | Fetch
General
Full URL
https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1686571260653
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.33/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75903923e5a3d2e53ea21e2683f3288b2d3b8b36b2e955358f55bb3bc45f8430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:01:00 GMT
content-encoding
gzip
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
834
last-modified
Wed, 31 May 2023 17:35:20 GMT
server
cloudflare
etag
"5af428152c26cf8dd9be42ce466b5d28ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7d61efcb3ef037c8-FRA
x-amz-cf-id
bqysYTMESBsJor9Mw7EeO2jab_JCxZB7iQL7eiW3yOB69s4AG9pNZA==
geojs.js | cdn.by.wonderpush.com/plugins/geojs/1.0.2/ | 2 KB | 1 KB | Script
General
Full URL
https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.33/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:01:00 GMT
content-encoding
gzip
via
1.1 51d16867ea09d1b4c52eca0e090ad4a2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS54-C1
age
11340765
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1055
last-modified
Mon, 22 Jun 2020 15:30:23 GMT
server
cloudflare
etag
"eade35070a4a96bcbeb77c55c1856e96ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
7d61efcc3db635ea-FRA
x-amz-cf-id
j8d45WyNWhvO5tWprTIjd_KIbO1gZw6UsGZwbq0hGJwAmI4jQj_mig==
geo.json | get.geojs.io/v1/ip/ | 307 B | 840 B | XHR
General
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f5b8c20add68f69dd9de8534de8ed10dc9d53f2ce6e20d067d97215e8d97ef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spanish.ud4l.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 12:01:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
1bea47368e560f2742cc6d755501e14f-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sWQNdpVxi9Rs%2Bp87cfP86nkF49P1sE3WXE%2B204kaAMaqpkHTX%2FDxZ3es3Lp7LsJVo2Qv4pp2g7iNK8reCWDwZXpQJ1A%2FMHmcnEUY7GXr3hgStJB%2BNQAm0VvZnQaSyak8KBZqplT53BjiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
7d61efccb8b89189-FRA
events | measurements-api.wonderpush.com/v1/ | 94 B | 271 B | XHR
General
Full URL
https://measurements-api.wonderpush.com/v1/events
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.33/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8ca82e6d3055d86e3643ba18630ff00d656bbc509f043d68b6fb0081dd2b7937

Request headers

Referer
https://spanish.ud4l.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://spanish.ud4l.in
x-cloud-trace-context
d1a8661a83c83e67a2d72f32c97d2e3a
date
Mon, 12 Jun 2023 12:01:00 GMT
access-control-allow-credentials
true
server
Google Frontend
content-length
94
content-type
application/json
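
Two details in the transaction list above carry the triage signal for this scan: the recipient address travels in the lander path (catalin.timerman%40unicredit.ro) and again in the `lp=` parameter of the `lander_lp` request, and that `lander_lp` "Image" comes back as 0 bytes of text/html with resource hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, which is the SHA-256 of empty input, i.e. a tracking pixel that only exists to log the visit. As an added example (not part of the urlscan.io report), the Python below runs that triage over a constructed subset of the transactions listed on this page: it follows the click-tracker-to-lander chain, percent-decodes every URL to pull out embedded e-mail addresses and per-click tokens, flags empty or non-image "Image" fetches as beacons, and lists the hosts that serve the page's assets from outside the lander domain. The record field names and the beacon heuristic are this example's own.

```python
import hashlib
import re
from urllib.parse import parse_qs, unquote, urlsplit

# SHA-256 of zero bytes; an "Image" whose body hashes to this rendered nothing.
SHA256_EMPTY = hashlib.sha256(b"").hexdigest()

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

# Constructed subset of this report's transactions: URL, resource type, body size
# in bytes where the response carried one (None otherwise), content-type, SHA-256.
TRANSACTIONS = [
    {"url": "https://laps-kt.z9uq.in/ga/click/2-132665274-14290-6582-12680-8296-0f69f1f899-4b478b21d4",
     "type": "Redirect", "size": None, "content_type": "text/html; charset=utf-8", "sha256": None},
    {"url": "https://spanish.ud4l.in/UK_BvNvNA_83/catalin.timerman%40unicredit.ro?s3=&s4=",
     "type": "Document", "size": None, "content_type": "text/html; charset=UTF-8",
     "sha256": "f48ab74c770df5b2c10fb2f148090803abe9535c0598ec033f9b88c928aafb2c"},
    {"url": "https://hillsnature.com/eml/US-Cook-Win-JUN080623/img/logo.svg",
     "type": "Image", "size": 1739, "content_type": "image/svg+xml",
     "sha256": "f278a4edc92d1df4d7bd92ffb15cff139a44f74558b8a031506ac0b43a4ece54"},
    {"url": "https://hillsnature.com/eml/US-Cook-Win-JUN080623/img/prd.jpg",
     "type": "Image", "size": 76754, "content_type": "image/jpeg",
     "sha256": "9883c5059799599e95c441cb3935f5bb6847e4143c392a3e12c9874394a94a24"},
    {"url": "https://spanish.ud4l.in/lander_lp?lp=UK_BvNvNA_83/catalin.timerman@unicredit.ro"
            "&p=rm-xyJ1Uc1VhZYZji1uhopdSbW9ykXJUZVWlnLFjmVtqbFVcVbWqw1tsW2lka4Rxl55rnWxilIZ5kmpkclWt",
     "type": "Image", "size": 0, "content_type": "text/html; charset=UTF-8",
     "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"},
    {"url": "https://measurements-api.wonderpush.com/v1/events",
     "type": "XHR", "size": 94, "content_type": "application/json",
     "sha256": "8ca82e6d3055d86e3643ba18630ff00d656bbc509f043d68b6fb0081dd2b7937"},
]


def embedded_identifiers(url):
    """Percent-decode path and query and pull out e-mail addresses and query parameters."""
    parts = urlsplit(url)
    decoded = unquote(parts.path) + "?" + unquote(parts.query)
    emails = sorted(set(EMAIL_RE.findall(decoded)))
    params = {k: v[0] for k, v in parse_qs(parts.query, keep_blank_values=True).items()}
    return {"host": parts.hostname, "emails": emails, "params": params}


def is_tracking_beacon(tx):
    """An <img> fetch that returns nothing, or not an image at all, exists to log the hit, not to render."""
    not_image = not (tx["content_type"] or "").startswith("image/")
    empty = tx["size"] == 0 or tx["sha256"] == SHA256_EMPTY
    return tx["type"] == "Image" and (empty or not_image)


def triage(transactions):
    """Summarise the chain: tracker host, lander host, who was targeted, beacons, third-party asset hosts."""
    chain = [t for t in transactions if t["type"] in ("Redirect", "Document")]
    lander_host = urlsplit(chain[-1]["url"]).hostname
    recipients, lander_params = set(), {}
    for t in transactions:
        ids = embedded_identifiers(t["url"])
        recipients.update(ids["emails"])
        if ids["host"] == lander_host:
            lander_params.update(ids["params"])
    asset_hosts = sorted({urlsplit(t["url"]).hostname for t in transactions
                          if t["type"] in ("Stylesheet", "Script", "Image")
                          and urlsplit(t["url"]).hostname != lander_host})
    return {
        "click_tracker": urlsplit(chain[0]["url"]).hostname,
        "lander": lander_host,
        "recipients": sorted(recipients),
        "lander_params": lander_params,
        "beacons": [t["url"] for t in transactions if is_tracking_beacon(t)],
        "asset_hosts": asset_hosts,
    }


if __name__ == "__main__":
    for key, value in triage(TRANSACTIONS).items():
        print(f"{key}: {value}")
```

Run against this scan's data the summary names laps-kt.z9uq.in as the click tracker, spanish.ud4l.in as the lander, one targeted recipient, the `lander_lp` URL as the only beacon, and hillsnature.com as the host of the page's kit (the eml/US-Cook-Win-JUN080623 path is an e-mail campaign directory, not the lander's own site). For an incident report, the recipient address and the `p=` token are the pieces to record: they tie the open to a specific mailbox in the sender's list, which is what makes the link worth not clicking from a corporate browser.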

Verdicts & Comments

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean: credentialless
  • object: onbeforetoggle
  • object: onscrollend
  • object: WonderPush
  • function: partstep
  • function: $
  • function: jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
get.geojs.io
hillsnature.com
laps-kt.z9uq.in
measurements-api.wonderpush.com
spanish.ud4l.in
193.105.134.192
2001:4860:4802:36::15
2606:4700:20::681a:164
2606:4700:3031::ac43:bebe
2606:4700::6811:180e
2606:4700::6812:13b7
2a00:1450:4001:831::200a
2a06:98c1:3121::3
1266137550101b1e4b6cd74c26d45358adc17f6654431a229c427c15216cc582
19e77290e8414351fc08ca2cc70c2f0b50435542bac4146bc12274db3b387e6a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
75903923e5a3d2e53ea21e2683f3288b2d3b8b36b2e955358f55bb3bc45f8430
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8ca82e6d3055d86e3643ba18630ff00d656bbc509f043d68b6fb0081dd2b7937
9883c5059799599e95c441cb3935f5bb6847e4143c392a3e12c9874394a94a24
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
e33d71b2b205574408d5bf49584f2dca1fac505388cfd277d2d96525f9ddd35f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f5b8c20add68f69dd9de8534de8ed10dc9d53f2ce6e20d067d97215e8d97ef
f278a4edc92d1df4d7bd92ffb15cff139a44f74558b8a031506ac0b43a4ece54
f48ab74c770df5b2c10fb2f148090803abe9535c0598ec033f9b88c928aafb2c
feb982ed310dec43a5f59c2fd516884fcff7bfca25b1be20e3423e77408b3ca4