Submitted URL: https://storage.googleapis.com/rdcoffer/offertrc.html#lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a
Effective URL: https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___&
Submission Tags: falconsandbox
Submission: On September 07 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 15 domains to perform 28 HTTP transactions. The main IP is 168.119.31.202, located in and belongs to . The main domain is meinneuessmartphone.com.
TLS certificate: Issued by R3 on August 6th 2022. Valid for: 3 months.
This is the only time meinneuessmartphone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 69.36.182.103 32780 (HOSTINGSE...)
1 1 198.8.93.182 46562 (PERFORMIVE)
1 1 54.217.67.12 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 4 18.158.88.249 16509 (AMAZON-02)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.250.4.239 ()
1 2 168.119.31.202 ()
28 9
Requests | Domain | Requested by
6 | secure.newyearspecials.xyz | gr01.net, secure.newyearspecials.xyz
3 | app.logictree.co (1 redirects) | secure.newyearspecials.xyz
2 | ajax.googleapis.com | gr01.net, secure.newyearspecials.xyz, meinneuessmartphone.com
2 | gr01.net | 69.36.182.103, gr01.net
1 | meinneuessmartphone.com |
1 | campaign.golead.de (1 redirects) |
1 | tracking.trkkadsm.com (1 redirects) |
1 | citines-boutlet.com |
1 | app.superpush.io | ajax.googleapis.com
1 | apidata.info | gr01.net
1 | offerlink.co (1 redirects) |
1 | olkj.dailycouponcard.com (1 redirects) |
1 | storage.googleapis.com |
0 | kit.fontawesome.com (Failed) | meinneuessmartphone.com
0 | fonts.googleapis.com (Failed) | meinneuessmartphone.com
0 | stackpath.bootstrapcdn.com (Failed) | meinneuessmartphone.com
0 | cdnjs.cloudflare.com (Failed) | meinneuessmartphone.com
0 | maxcdn.bootstrapcdn.com (Failed) | meinneuessmartphone.com
28 | 18 |

This site contains no links.

Subject | Issuer | Validity | Valid
storage.googleapis.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
*.gr01.net | E1 | 2022-07-30 - 2022-10-28 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-08-22 - 2022-11-14 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-16 - 2023-06-16 | a year
app.logictree.co | R3 | 2022-07-22 - 2022-10-20 | 3 months
citines-boutlet.com | R3 | 2022-07-22 - 2022-10-20 | 3 months
meinneuessmartphone.com | R3 | 2022-08-06 - 2022-11-04 | 3 months

This page contains 1 frames:

Primary Page: https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___&
Frame ID: 7D584C6429100886C01F352D7A039756
Requests: 28 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28 Requests
61 % HTTPS
45 % IPv6
15 Domains
18 Subdomains
9 IPs
3 Countries
133 kB Transfer
292 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/rdcoffer/offertrc.html Page URL
  2. http://69.36.182.103/sendto/index.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a Page URL
  3. http://olkj.dailycouponcard.com/redirection/rdt.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a HTTP 302
    https://offerlink.co/?a=3059&oc=34056&c=66168&m=3&s1=8&s2=42017_69l604fba91a3a3a&email_address=itsuperstar28@gmail.com HTTP 302
    https://gr01.net/t/?s6=1&s7=LG&s8=CAK Page URL
  4. https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
    https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y Page URL
  5. https://app.logictree.co/click?country=DE Page URL
  6. https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly90cmFja2luZy50cmtrYWRzbS5jb20vYWZmX2M_b2ZmZXJfaWQ9NDI1JmFmZl9pZD0xMTAyJmFmZl9zdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXyZhZmZfc3ViMj1kNDlpN2Z0bm02azQzbXNpMm9iNHB2ZnMmY291bnRyeT1ERQ&ts=1662591563777&hash=pxz9YaJEacLQ3bZodVXY1MN_q0kZxm80gUclWyzgLsU&rm=D Page URL
  7. https://tracking.trkkadsm.com/aff_c?offer_id=425&aff_id=1102&aff_sub=a7f48a40-0785-47a8-b3da-aafca3c6d191_&aff_sub2=d49i7ftnm6k43msi2ob4pvfs&country=DE HTTP 302
    https://campaign.golead.de/de,yournewphones,com_172.html?idPartner=43&idCampaignAd=0&subId=1102-a7f48a40-0785-47a8-b3da-aafca3c6d191_&subIdentifier=102bf2f10382e589761edc9d93593b&aps=___ HTTP 302
    https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://olkj.dailycouponcard.com/redirection/rdt.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a HTTP 302
  • https://offerlink.co/?a=3059&oc=34056&c=66168&m=3&s1=8&s2=42017_69l604fba91a3a3a&email_address=itsuperstar28@gmail.com HTTP 302
  • https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Request Chain 6
  • https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y HTTP 302
  • https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y

28 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
offertrc.html
storage.googleapis.com/rdcoffer/
183 B
761 B
Document
General
Full URL
https://storage.googleapis.com/rdcoffer/offertrc.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
29
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
183
content-type
text/html
date
Wed, 07 Sep 2022 22:58:50 GMT
etag
"592eb09fd98c68109f893719b9bf4a17"
expires
Wed, 07 Sep 2022 23:58:50 GMT
last-modified
Fri, 27 Aug 2021 09:05:13 GMT
server
UploadServer
x-goog-generation
1630055113214892
x-goog-hash
crc32c=nYoMFA== md5=WS6wn9mMaBCfiTcZub9KFw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
183
x-guploader-uploadid
ADPycduk82kJE-vTk4nzZJXIq05_89avQDL4zJOi9hSm6LRdVEGmy3vH8M3umirQc2gIv50dOEFOuN5PEBjvEAfIidOP9Q
index.php
69.36.182.103/sendto/
449 B
710 B
Document
General
Full URL
http://69.36.182.103/sendto/index.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/rdcoffer/offertrc.html
Protocol
HTTP/1.1
Server
69.36.182.103 New York, United States, ASN32780 (HOSTINGSERVICES-INC, US),
Reverse DNS
nbh.dynns.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
e14cd2123481e106af24fe3f7cc401c1873583a0fc10a7a644d5561a1bf94289

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
449
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Sep 2022 22:59:23 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
/
gr01.net/t/
Redirect Chain
  • http://olkj.dailycouponcard.com/redirection/rdt.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a
  • https://offerlink.co/?a=3059&oc=34056&c=66168&m=3&s1=8&s2=42017_69l604fba91a3a3a&email_address=itsuperstar28@gmail.com
  • https://gr01.net/t/?s6=1&s7=LG&s8=CAK
349 B
617 B
Document
General
Full URL
https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Requested by
Host: 69.36.182.103
URL: http://69.36.182.103/sendto/index.php?track=lnjzs1kbnclm60d5bd4da9a06.69l604fba91a3a3a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b64828207d3245843ca93c287bc80f9e3d381702c10f28f27583d5611cd2dc8d

Request headers

Referer
http://69.36.182.103/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74730defccdf91f3-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Sep 2022 22:59:22 GMT
last-modified
Wed, 31 Aug 2022 10:43:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Fdx0b5AEtsAAufw3d%2BqWsFCpkDjd98%2B7uPFCivMSxxMqR0vVnBvq4jNxCt8KZ7zN0Zd4K9pEqwROlVFwUf7tubgvMk34lNqtzTdLjaDjnQOa0meK%2Fer%2FC3ZlbLvchrJ9L1%2FSYzwqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Cache-Control
private
Connection
close
Content-Length
162
Content-Type
text/html; charset=utf-8
Date
Wed, 07 Sep 2022 22:59:23 GMT
Location
https://gr01.net/t/?s6=1&s7=LG&s8=CAK
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gr01.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 21:36:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Sep 2023 21:36:49 GMT
js
apidata.info/
831 B
882 B
Script
General
Full URL
https://apidata.info/js
Requested by
Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0652c2739f77f2c8b9efc2134bd5a6356f943a70fa9c33cad0971ad8516322a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gr01.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
3600
access-control-allow-methods
POST, GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGH6Cd5KeWmHTwML5cSRmc5WU5qtfanf7NLlDh%2BpEPBob8x3YoBtAQxlmefNygqFyUmFzVE9fI5OriDdi8Wh4D9ZiG8jKsaXVvRjdmxTBY7FHsUt2vpEjIVi6cT%2FV96Bc1VghRmoSCGdE3E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
74730df19da29131-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logic_tree.js
gr01.net/t/
9 KB
3 KB
Script
General
Full URL
https://gr01.net/t/logic_tree.js
Requested by
Host: gr01.net
URL: https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1372d0bceeda2b148d6e8a830cce88c6cf90c80809569170b1bf78811307805e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gr01.net/t/?s6=1&s7=LG&s8=CAK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:22 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Aug 2022 10:43:01 GMT
server
cloudflare
etag
W/"630f3b35-2563"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AejMdlUZGhIKtO94JegJEMgyIJbc3SVgX8ygvsn0x8zMH8BRP6BNYlPjB9QzS1jAtkukLYaHWR3tkaiWb020M2Cz0FJONimV57vqH26Jet8TwLfiOa44O9xNmWeoR%2FrjMGSJz%2Bn42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74730df03d1a91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
secure.newyearspecials.xyz/lp/load/1b/
Redirect Chain
  • https://app.logictree.co/10678c66-507a-4351-948f-6b66ce631461?s6=1&s7=LG&s8=CAK&spushon=y
  • https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNj...
2 KB
1 KB
Document
General
Full URL
https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Requested by
Host: gr01.net
URL: https://gr01.net/t/logic_tree.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5881ec5aa1e74996dc70f73a245af31883a8b4c263f2dafc75b56c9b13001b3

Request headers

Referer
https://gr01.net/t/?s6=1&s7=LG&s8=CAK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74730df41d485b68-FRA
content-encoding
br
content-type
text/html
date
Wed, 07 Sep 2022 22:59:22 GMT
last-modified
Wed, 31 Aug 2022 10:31:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4abR%2FwUeA9mjzBhcStZ33O%2FW3mdSEfYW7ghhBVNcDP%2FG4bcm9OCaTrqLXe6147YPkMIVeS4yzpRc0q0SK45pKJT3pc2mTV%2FWAt5ohib%2BTR2%2FBFZA%2BFDR%2F92sicR8ita%2BGd9B1Zh%2FHogz3zI5sEjSUueTnSKpIefbLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Wed, 07 Sep 2022 22:59:22 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
pragma
no-cache
server
nginx
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 23:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 23:18:49 GMT
loader.gif
secure.newyearspecials.xyz/lp/load/1b/img/
51 KB
52 KB
Image
General
Full URL
https://secure.newyearspecials.xyz/lp/load/1b/img/loader.gif
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ec6fb90696be9a847580501ec42909638107b35ff31f3780b24499a2fefa83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:22 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 10:31:03 GMT
server
cloudflare
age
5239
etag
"630f3867-cc19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6W%2BQdzLA4aJFZu5FBXcSVsCUaCOiWKNcJb7BK2i1WFH0Hq3VyJfTiU3TE4s9XnacughQ9mihMTDLkLYV5GRIE0Z4ForBj0Ghv7PdaQTPg7FGQPkysa6SyT4crJF1IugbkZAwCSgD8t%2B7JDQbiqVBMtEdHA7FhKJdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74730df49f0fbbd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52249
url-pixel.png
secure.newyearspecials.xyz/lp/load/1b/
95 B
591 B
Image
General
Full URL
https://secure.newyearspecials.xyz/lp/load/1b/url-pixel.png
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13a0af892f283e422697ebc2c5c84b6ab173989701ef72329ebd6af59e93685

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:23 GMT
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 10:31:03 GMT
server
cloudflare
age
5240
etag
"630f3867-5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uS%2Fe3ZacuMF3XFNqFA4k9dhy1SrYKpxkepn8jHLUJt1qEnlQu6PSX35AhzLSlB0Fuaytf%2F6ho2%2B%2F7wbp4oHPPwsbNwS2azaZXLiCOWuvL105EWNVBGaUqZ5bO978mTuctjd8OxKZWJSfhoVZxu2tequCfehqIV0V6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74730df4ef52bbd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95
gotoURL.js
secure.newyearspecials.xyz/script/
5 KB
2 KB
Script
General
Full URL
https://secure.newyearspecials.xyz/script/gotoURL.js
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c377b8669d3c7eaf3337a463390c18a23d2929a4bb158fdb973b0dd35c202f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 31 Aug 2022 10:43:00 GMT
server
cloudflare
age
5239
etag
W/"630f3b34-12a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsvFFzVYfNp%2Bnh%2FhUeSyeXIurULaOBX0cmOKwBQpV%2BgyQzt8jtvOS2Bg5fou6dtjHY2BK1Or8OCgswQdH0nqT21Mp3zA9JWkKblBJKE49RZz5heOQcR7b0OT1CQSzJ49vMLRPGBmZJq65t%2FvMt%2FEbV9kckdD5a7m2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74730df55fbfbbd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
superpushSDK.js
app.superpush.io/static/
4 KB
2 KB
Script
General
Full URL
https://app.superpush.io/static/superpushSDK.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5823698065824032a8bbe6ffeeec153bd6b73d496c2f54094bf2e4440123dbd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Jun 2021 13:03:17 GMT
server
cloudflare
age
1901
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsjH9C6jhU%2BndGjOU%2Fd8%2B0xZzEStaExwe6%2B0AdJE0HZSF%2BXQQNYpk2OCRcbY2eKpP%2Fw7l3pC9xBqiC0QOsEbX%2BLtoJPg1VUPg02Ftd20Cz196XcXjXUHTy%2BVzhz6psfvqemqSNC3Hz4hTfZBniVF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74730df5ffb39bd4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-application-context
application:production:8082
.js
app.logictree.co/d/
3 KB
3 KB
Script
General
Full URL
https://app.logictree.co/d/.js?lpref=https%3A%2F%2Fgr01.net%2F&lpurl=https%3A%2F%2Fsecure.newyearspecials.xyz%2Flp%2Fload%2F1b%2F%3Fvsv%3DUTS%26vl%3D1%26vlink%3Dapp.logictree.co%26country%3DDE%26cep%3DxLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8%26lptoken%3D160d62d4599733476273%26s6%3D1%26s7%3DLG%26s8%3DCAK%26spushon%3Dy&lpt=Loader&t=1662591559511
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/script/gotoURL.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5c11cbeeca3841bec263ded00b54a9561eda24475c8d4d8475065025947ba1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Sep 2022 22:59:23 GMT
server
nginx
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3052
expires
Thu, 01 Jan 1970 00:00:00 GMT
bckbtn.js
secure.newyearspecials.xyz/script/
1012 B
976 B
Script
General
Full URL
https://secure.newyearspecials.xyz/script/bckbtn.js
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1cbbcd5fa98ac7e076b1b2ae962846cc73356efdb61f10d915e23f77756814

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Aug 2022 10:43:00 GMT
server
cloudflare
etag
W/"630f3b34-3f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FVR0UN7suhHRtjl9i96qK8QFbqzrm2vxxgBsRWP%2BT0z4nE2XkmQxfLu5EPBCu021UHWEuYUnHEXoY1YPt%2B%2BckzwxhBwO7SufS2VqLbRptOn6kv44I1PZMbgqJOhhYR3BxKysGo8%2F7%2BCrTwZAvIzKLTCOE3xGOWDKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74730df58fdebbd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swgfonts.js
secure.newyearspecials.xyz/script/
965 B
972 B
Script
General
Full URL
https://secure.newyearspecials.xyz/script/swgfonts.js
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:4286 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e0b2c22cdd894cc75c675a077b3da89a4e0c64e5a04376f088abe6468a531

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 22:59:23 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 31 Aug 2022 10:43:00 GMT
server
cloudflare
etag
W/"630f3b34-3c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xo8hAPGN2eipj8Xb5Mls1RGkIGG8mcYc%2FjZyC1jL0wUGN7grk4wvXzXD%2FxkfA6vJbTFYeHhtfzv491ccwb6zvIwK6nNh3E6JIkB6GUnCFMvuNNdvjmSYo89uGUIEsk1V2jUkmoFostT7F%2B2BClKJdx7XrW1YBjePdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74730df5d81bbbd3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
click
app.logictree.co/
539 B
1 KB
Document
General
Full URL
https://app.logictree.co/click?country=DE
Requested by
Host: secure.newyearspecials.xyz
URL: https://secure.newyearspecials.xyz/lp/load/1b/?vsv=UTS&vl=1&vlink=app.logictree.co&country=DE&cep=xLJEv3Swf_bZWnK7tPcuv6qq9RP-cL3yRHodwKHuoYnuXLDD2quf4R1O9NzwDX4kQSP2F91T77LOpfEstlIwLQc1gVNQXAdeqNjRKKWkJE4NXQ5iqd2d7v8k1yjzTqQOrEVYW-qXpR5TFbGn55CGTbxgqvnS9ySpHagTegKTRPt1E-H0ndlUa6JXgguAKrh1fM2v24xsbONHXWLDvcu0K3a2mnuv8fsuZ0KoGkv36wjmhvhTLg5lFzaUvAk8SLAjP3xw_1SONMzT9DXzz-ETSbmCYSwBTQON2nnQVZEycJbe8MtrRJZLNO6JBL10VV9gru7dvy0HkvD2zp13vsnA7aZF1MUaWJMqCPW6JkR1ac92XU73wS7mwR_iXXG3kLyzH_fL3so3_Ir0tfBzTgX4e3jaSjnOkVzxVyMoTySt7y8&lptoken=160d62d4599733476273&s6=1&s7=LG&s8=CAK&spushon=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dd9cba3cc2eac521244b937ce4850441d28e30b2d2b4e5401d8e338f4caff52e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 07 Sep 2022 22:59:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
redirect
citines-boutlet.com/
363 B
520 B
Document
General
Full URL
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly90cmFja2luZy50cmtrYWRzbS5jb20vYWZmX2M_b2ZmZXJfaWQ9NDI1JmFmZl9pZD0xMTAyJmFmZl9zdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXyZhZmZfc3ViMj1kNDlpN2Z0bm02azQzbXNpMm9iNHB2ZnMmY291bnRyeT1ERQ&ts=1662591563777&hash=pxz9YaJEacLQ3bZodVXY1MN_q0kZxm80gUclWyzgLsU&rm=D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.158.88.249 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-88-249.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://app.logictree.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-type
text/html;charset=UTF-8
date
Wed, 07 Sep 2022 22:59:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request campaign_511.html
meinneuessmartphone.com/
Redirect Chain
  • https://tracking.trkkadsm.com/aff_c?offer_id=425&aff_id=1102&aff_sub=a7f48a40-0785-47a8-b3da-aafca3c6d191_&aff_sub2=d49i7ftnm6k43msi2ob4pvfs&country=DE
  • https://campaign.golead.de/de,yournewphones,com_172.html?idPartner=43&idCampaignAd=0&subId=1102-a7f48a40-0785-47a8-b3da-aafca3c6d191_&subIdentifier=102bf2f10382e589761edc9d93593b&aps=___
  • https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___&
35 KB
0
Document
General
Full URL
https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
168.119.31.202 -, , ASN (),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Referer
https://citines-boutlet.com/redirect?target=BASE64aHR0cHM6Ly90cmFja2luZy50cmtrYWRzbS5jb20vYWZmX2M_b2ZmZXJfaWQ9NDI1JmFmZl9pZD0xMTAyJmFmZl9zdWI9YTdmNDhhNDAtMDc4NS00N2E4LWIzZGEtYWFmY2EzYzZkMTkxXyZhZmZfc3ViMj1kNDlpN2Z0bm02azQzbXNpMm9iNHB2ZnMmY291bnRyeT1ERQ&ts=1662591563777&hash=pxz9YaJEacLQ3bZodVXY1MN_q0kZxm80gUclWyzgLsU&rm=D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
36361
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Sep 2022 22:59:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=5000
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
2
Content-Type
text/html; charset=UTF-8
Date
Wed, 07 Sep 2022 22:59:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=5000
Location
https://meinneuessmartphone.com/campaign_511.html?coyoteAffiliTokenId=50152785&aps=___&
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
0
0

jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/
0
0

bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
0
0

font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
0
0

css
fonts.googleapis.com/
0
0

css
fonts.googleapis.com/
0
0

7b09c35fb3.js
kit.fontawesome.com/
0
0

css
fonts.googleapis.com/
0
0

css2
fonts.googleapis.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Domain
cdnjs.cloudflare.com
URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/jquery.cookie.min.js
Domain
maxcdn.bootstrapcdn.com
URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Domain
stackpath.bootstrapcdn.com
URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Patua+One&display=swap
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700
Domain
kit.fontawesome.com
URL
https://kit.fontawesome.com/7b09c35fb3.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto:400,400i,700,700i
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

7 Cookies

Domain/Path Name / Value
.offerlink.co/ Name: sid
Value: amOrxzR+tNib9tv4HygffAHu4qRoCnpe0t5tWsrv/q5svB4kA1cYMw==
.offerlink.co/ Name: trk
Value: Kp9bFVnq/8o4ftfqdmmX1QHu4qRoCnpe0t5tWsrv/q5svB4kA1cYMw==
.app.logictree.co/ Name: cep-v4
Value: 30DkFqt2nox7AVNnBj7ygP865CzEQkumT8-AaUl_pP0mSrW4tdpwAn5TGAkvMWqJQ7UaemAqwd9EBumzdZfk4oB74KiscPDine0WnbgIOiIhz5niHUCm7PyESegkkR-FqDjV26dIqsKYlQUX6XpfL6xkTq9ZQ_9efl8oatDniP78Xz6l_dfI-1UBlOz4e5ESCrRgiy8BvjOELYOc-fEayriXgZfceRw6Bgu_ed1SqSmJ215kTN6CKJs561Vm9HN-mKqfO0CDYUgsu5YOQn2O3sCWW3pUEcRvqCs6AA4aXGaRooym0sWvfFIUIiTo3-c5lflxnZHNMnzC3q7wq0FHEGzufW11a-gPqnvxBNTr2DcLgqr7NmQsUI1bD5hfzuXehi6xnK6THDCVpcQJJliA8bBWyl7uP96MiihLcfcOuX0
secure.newyearspecials.xyz/ Name: vl-cep
Value: cep=S3-_vFrshff11s_R93UJLBI54eddYbYeJLKBKoKtrYpE1LQekQH1Z48635eHfWpSkr805Q-0unJiXmiTJKtws7A7TtBmJixCErkZC0CLdxkBs8OueLCP6AYoBUiK7pCqXTNBiFno-JdMVKm4vZFi7kETvUykeryfFBUMKw8a2KqfU3hPoPgNhbwsnBpThWmWW3EzH7kK6CeRtda2uIP7Q3YVopvih11gvCryDJVbuosdS3JO0CtZ4nEAvk4RDIKubsfVgsjsMO29L73L0Gu1DrKG9aqHqBn3Sr55aKO0LmNAMMh6aU-sN9OY-wcVDt6eL_LbFPEv7EmPlNEq_bBr97H2TdfdoUk0FPsWsTYPLd7Cv9_kFeDR5LboDhHZW6a4RoT-cQRyRpFD9r5cXzZHBoLjVcV_Oc7hBRMLtuBQIws
.app.logictree.co/ Name: cc-v4
Value: ZxiYsceJhOfqbe1L3%2F6lbMFYVYDLZv4%2F28GXw1RiriWn9g7SNUMxKVq2rFgjTOSTrOjXwbq27UdxDsB3UjSXsdwtBrc2NQXGR5mBr5fp%2FhI8GISe19LmhGowOn6j8tPCaBJXG0E9E6tecq0HqQiBvw%3D%3D
.app.logictree.co/ Name: 10678c66-507a-4351-948f-6b66ce631461-clk-v4
Value: 10678c66-507a-4351-948f-6b66ce631461
.app.logictree.co/ Name: 10678c66-507a-4351-948f-6b66ce631461-v4
Value: YTPBxifyPgwi-uRTN-2TNfC4qWiRG773vGCc4xJFXMs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
