go.exceluser.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u25654755.ct.sendgrid.net/ls/click?upn=wDn-2FaQhlJMhE0PqOT2kGFZArn6VrsVFyr3ZdK14X7ucl4vF0gclZyI0eib0JI6Be-2B3Avi-2FwU73lpy...
Effective URL:
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content...
Submission: On March 25 via api (March 25th 2022, 9:50:43 am UTC) from SE — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700::6810:10c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.exceluser.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 31st 2021. Valid for: a year.

This is the only time go.exceluser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
11	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u25654755.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

go.exceluser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	exceluser.com go.exceluser.com	146 KB
1	sendgrid.net 1 redirects u25654755.ct.sendgrid.net	462 B
13	2

	Domain	Requested by
11	go.exceluser.com	go.exceluser.com
1	u25654755.ct.sendgrid.net	1 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
go.exceluser.com Cloudflare Inc ECC CA-3	`2021-12-31` - `2022-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
Frame ID: F8E736E95E3A9CA157C293104A886C84
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://u25654755.ct.sendgrid.net/ls/click?upn=wDn-2FaQhlJMhE0PqOT2kGFZArn6VrsVFyr3ZdK14X7ucl4vF0gclZyI0eib0JI... HTTP 302
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1ji... Page URL
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1ji... Page URL

Page Statistics

13
Requests

85 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

146 kB
Transfer

191 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u25654755.ct.sendgrid.net/ls/click?upn=wDn-2FaQhlJMhE0PqOT2kGFZArn6VrsVFyr3ZdK14X7ucl4vF0gclZyI0eib0JI6Be-2B3Avi-2FwU73lpy5l1Q4t7yAzKvX1Xm5sja6bF8CM9Xd4D9IpRSCxDwPNJwv7lc13veEB6zEOwUvmnmvUUpM9930WJotZYT9CjPKQ-2ButJ0citXpfmDkbb3t4fz0nkI6KT17cldtBeeSnn1-2BcEWED7YtiCEh8RGK28U0NlaXd0aIKXVPIGrqfh7wy6BN-2BbzDnuobzormrQZQ1nTRLj35H-2Fln0H3iLPSMS-2BLoFDo8Z62pLqdHfHaQouBYpDkn0PoB-2FvTy0mxZENp07bTKRp8IAJ3JfbUEjgImuQY0nUr8xdf-2FgE-3D0Szy_ZMTIZidCv-2B7nDC9XbtsWCOomAT2wIJvWQ2L5R5cp5-2FdD08TfI6US-2BjZgXGqouwawJzS2EI6rzmmSf6Bk6RQBWWPnZAc5IvRGDL4yAUo9mF2hz7nHAW8F5t-2Bd88BPSvcqEYBXmwvZk-2B7BNEBucPkvmEYpIEeS5gcbwsdPlFBbCOwCo0-2BoP4ocYOF56dYqtzjopULhkctG0R-2Bds-2FWQrM7w5Oqk2P0LjfOh-2FCzue5AYYHGL7t3EB22ENoPH5j6dgQgD HTTP 302
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae Page URL
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u25654755.ct.sendgrid.net/ls/click?upn=wDn-2FaQhlJMhE0PqOT2kGFZArn6VrsVFyr3ZdK14X7ucl4vF0gclZyI0eib0JI6Be-2B3Avi-2FwU73lpy5l1Q4t7yAzKvX1Xm5sja6bF8CM9Xd4D9IpRSCxDwPNJwv7lc13veEB6zEOwUvmnmvUUpM9930WJotZYT9CjPKQ-2ButJ0citXpfmDkbb3t4fz0nkI6KT17cldtBeeSnn1-2BcEWED7YtiCEh8RGK28U0NlaXd0aIKXVPIGrqfh7wy6BN-2BbzDnuobzormrQZQ1nTRLj35H-2Fln0H3iLPSMS-2BLoFDo8Z62pLqdHfHaQouBYpDkn0PoB-2FvTy0mxZENp07bTKRp8IAJ3JfbUEjgImuQY0nUr8xdf-2FgE-3D0Szy_ZMTIZidCv-2B7nDC9XbtsWCOomAT2wIJvWQ2L5R5cp5-2FdD08TfI6US-2BjZgXGqouwawJzS2EI6rzmmSf6Bk6RQBWWPnZAc5IvRGDL4yAUo9mF2hz7nHAW8F5t-2Bd88BPSvcqEYBXmwvZk-2B7BNEBucPkvmEYpIEeS5gcbwsdPlFBbCOwCo0-2BoP4ocYOF56dYqtzjopULhkctG0R-2Bds-2FWQrM7w5Oqk2P0LjfOh-2FCzue5AYYHGL7t3EB22ENoPH5j6dgQgD HTTP 302
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

503

click Show response
go.exceluser.com/queued_emails/3422347755/
Redirect Chain

https://u25654755.ct.sendgrid.net/ls/click?upn=wDn-2FaQhlJMhE0PqOT2kGFZArn6VrsVFyr3ZdK14X7ucl4vF0gclZyI0eib0JI6Be-2B3Avi-2FwU73lpy5l1Q4t7yAzKvX1Xm5sja6bF8CM9Xd4D9IpRSCxDwPNJwv7lc13veEB6zEOwUvmnmvUU...
https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%...

12 KB
13 KB

134ms
26ms

Document
text/html

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

154bf65996cd1b07be6f6d86cc4d46956244f40d6c52f03512cd8706a9aae310

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 25 Mar 2022 09:50:39 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f16be56fe2a01db-ZRH

Redirect headers

Server: nginx
Date: Fri, 25 Mar 2022 09:50:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 285
Connection: keep-alive
Location: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
X-Robots-Tag: noindex, nofollow

GET
H2 200 v1 Show response
go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 38 KB
14 KB 49ms
48ms Script
text/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f16be56fe2a01db
Requested by: Host: go.exceluser.com
URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0ac6b04390e1e92b6ead81b4d73ebd776f57f01d5bd10f1181145c35c1f093

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=Lb_h2LaQmjz79MyeTB60LeJXWp_08pa5RqpqOsq41_Q-1648201839-0-gaNycGzNCFE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:39 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6f16be573ecf01db-ZRH

GET
H2 200 transparent.gif
go.exceluser.com/cdn-cgi/images/trace/jschal/js/ 42 B
220 B 18ms
17ms Image
image/gif 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.exceluser.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6f16be56fe2a01db

Requested by

Host: go.exceluser.com
URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=Lb_h2LaQmjz79MyeTB60LeJXWp_08pa5RqpqOsq41_Q-1648201839-0-gaNycGzNCFE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=Lb_h2LaQmjz79MyeTB60LeJXWp_08pa5RqpqOsq41_Q-1648201839-0-gaNycGzNCFE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 14:13:40 GMT
server: cloudflare
etag: "62388814-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6f16be574ed001db-ZRH
vary: Accept-Encoding
content-length: 42
expires: Fri, 25 Mar 2022 11:50:39 GMT

GET
H2 200 transparent.gif
go.exceluser.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 18ms
18ms Image
image/gif 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.exceluser.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6f16be56fe2a01db

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=Lb_h2LaQmjz79MyeTB60LeJXWp_08pa5RqpqOsq41_Q-1648201839-0-gaNycGzNCFE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 14:13:40 GMT
server: cloudflare
etag: "62388814-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6f16be574ed101db-ZRH
vary: Accept-Encoding
content-length: 42
expires: Fri, 25 Mar 2022 11:50:39 GMT

POST
H2 200 42492a90d17e9d8 Show response
go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7211009787346752:1648199273:e2dfc717c717eb4bcd6fc0be5679ceeabf860ca52f314d95ae8d1521ebfbc38d/6f16be56fe2a01db/ 90 KB
91 KB 61ms
61ms XHR
text/plain 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7211009787346752:1648199273:e2dfc717c717eb4bcd6fc0be5679ceeabf860ca52f314d95ae8d1521ebfbc38d/6f16be56fe2a01db/42492a90d17e9d8
Requested by: Host: go.exceluser.com
URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f16be56fe2a01db
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d1decb0b7f9ee3efcc77a7850c89a45abe7bdefbf31cddf755901fe55cb45a2

Request headers

Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
CF-Challenge: 42492a90d17e9d8
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Mar 2022 09:50:39 GMT
cf_chl_gen: Jp8N8Q+RpWMhut45eqYS7ctB33Osvu/py6x9eDMEldCnIXl0JhoWnuXNj+7QAo8ThoyEbS8yj+PB0+dwq+5BFuJW8YtQy1dKo6vl8E6e129k7C9j2PW62KqA/rrKiyw064aCAQ7fmvZ9NUSnZrUEHnrOPepMpwu9akAU3LOwr1/+LP+pQgvwX+/bqM7fgq0LonY43MIKlClc8FsNTeLowRFiQJCyq+n2rY2V35AGVsxdv10WKlc6Wm9qhQwFLNkvjZDclCd4BcEQT4OPkbxg2mmoqhawh1XJ0stfYFLoHzoZSvfIOi+dOtwhzRf4yYe2jy0HJ8Aj28xInWLMHp6Ktw==$Ei5d/9vE7tfagGVhu6ujiw==
server: cloudflare
cf-ray: 6f16be58588101db-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5440dac8-3dec-4988-a481-e2e1d76253a4
https://go.exceluser.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://go.exceluser.com/5440dac8-3dec-4988-a481-e2e1d76253a4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

GET
H2 200 15c6c9adcf8f9b4-1648201839433
go.exceluser.com/cdn-cgi/challenge-platform/h/b/img/6f16be56fe2a01db/70a73539/ 61 B
143 B 32ms
32ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/img/6f16be56fe2a01db/70a73539/15c6c9adcf8f9b4-1648201839433
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d307c29fda413e666070729c6ca4650478ef5a9b9fb5e1e2fdcd7daa27b20f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:40 GMT
server: cloudflare
cf-ray: 6f16be613f9701db-ZRH
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png

POST
H2 200 42492a90d17e9d8 Show response
go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7211009787346752:1648199273:e2dfc717c717eb4bcd6fc0be5679ceeabf860ca52f314d95ae8d1521ebfbc38d/6f16be56fe2a01db/ 1 KB
2 KB 66ms
66ms XHR
text/plain 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7211009787346752:1648199273:e2dfc717c717eb4bcd6fc0be5679ceeabf860ca52f314d95ae8d1521ebfbc38d/6f16be56fe2a01db/42492a90d17e9d8
Requested by: Host: go.exceluser.com
URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f16be56fe2a01db
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57712348911ee610cab69e84f1fd51955d8618cafff5dd75b1b7ade6da3c6574

Request headers

Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
CF-Challenge: 42492a90d17e9d8
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 25 Mar 2022 09:50:41 GMT
cf_chl_out_s: LjCHBz1XtIxBvblWOEd83BZ/x5ogDwGR2MGJd36xS+YmXMUNMNVL0HTitQVBFapRYd7HESNZnUwyeC0wyn1nz921zKyOHXuT1rOJZIzWBBuPdJ0VgAL6gP9tJrNXQSmvq09yhb71ufk6/e0aseWbCaSV1Fg3kAzxkCgvLHdD79/ve+hGZTJAjVFCWSgemsamSoWspGLDuDUenMCY6WLxHCjsJvHZ2pA3ByMaFm9cgO39jh7b35SllZWPhYBiFLGY0HVwxGEsjWAyY4nLeu6j2UOQ1EeaF4lrdDbtM+RRlONkpFQ8AMB8kNoshykhHEWpUOarl6aMENuKLz/VlGQDvNbrmxL6e90O2TWtbIRotdpSK21vCRu0tILVn80dgZUZ$aWQCYTD0IozgRvwK5KNTWg==
cf-ray: 6f16be61f8a401db-ZRH
cf_chl_out: xLOYmKLWCqCST6iUiU1vmSb+nuxz9kNxJPZLBqzqQKFDnaRFp10uQw8Z48j0jLQjoCLaH8/vw17PdFX7rI4l6g==$/FfYS8HT/lrG4vbh8ACKXw==
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 503 Primary Request click Show response
go.exceluser.com/queued_emails/3422347755/ 12 KB
12 KB 24ms
23ms Document
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb3f4cd5415ce6a09b4d3261228b3c2a345b8b093148823347f57788b264f4b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae

Response headers

date: Fri, 25 Mar 2022 09:50:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6f16be6f1f2901db-ZRH

GET
H2 200 v1 Show response
go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 37 KB
14 KB 30ms
30ms Script
text/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6f16be6f1f2901db
Requested by: Host: go.exceluser.com
URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91c9e8c94bea2b653b78755ac4d7ed6eabaf324dafb47e5c6919f67ef36c65ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=tCQWp9Yl9DIa07i_DHEuC6ZclfXkFSHgaqvQFsk85v8-1648201843-0-gaNycGzNCJE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:43 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 6f16be6f5f7d01db-ZRH

GET
H2 200 transparent.gif
go.exceluser.com/cdn-cgi/images/trace/jschal/js/ 42 B
124 B 15ms
15ms Image
image/gif 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.exceluser.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6f16be6f1f2901db

Requested by

Host: go.exceluser.com
URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=tCQWp9Yl9DIa07i_DHEuC6ZclfXkFSHgaqvQFsk85v8-1648201843-0-gaNycGzNCJE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=tCQWp9Yl9DIa07i_DHEuC6ZclfXkFSHgaqvQFsk85v8-1648201843-0-gaNycGzNCJE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 14:13:40 GMT
server: cloudflare
etag: "62388814-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6f16be6f5f7e01db-ZRH
vary: Accept-Encoding
content-length: 42
expires: Fri, 25 Mar 2022 11:50:43 GMT

GET
H2 200 transparent.gif
go.exceluser.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 17ms
17ms Image
image/gif 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.exceluser.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6f16be6f1f2901db

Requested by

Host: go.exceluser.com
URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=tCQWp9Yl9DIa07i_DHEuC6ZclfXkFSHgaqvQFsk85v8-1648201843-0-gaNycGzNCJE

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae&__cf_chl_rt_tk=tCQWp9Yl9DIa07i_DHEuC6ZclfXkFSHgaqvQFsk85v8-1648201843-0-gaNycGzNCJE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 09:50:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Mar 2022 14:13:40 GMT
server: cloudflare
etag: "62388814-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 6f16be6f5f7f01db-ZRH
vary: Accept-Encoding
content-length: 42
expires: Fri, 25 Mar 2022 11:50:43 GMT

POST 74428eeb993de12
go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5609116003296887:1648199286:56feac072bd460aafed88cb7eb659821376c9e258a57a4de914c1930223f850d/6f16be6f1f2901db/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: go.exceluser.com
URL: https://go.exceluser.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.5609116003296887:1648199286:56feac072bd460aafed88cb7eb659821376c9e258a57a4de914c1930223f850d/6f16be6f1f2901db/74428eeb993de12

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.exceluser.com/	1970-01-20 01:50:03	Name: __cf_bm Value: ucgbJP9f4JINhOqjWmAgghL6dn1qxLaFaGZH.L9QCDs-1648201839-0-AYVlRS4D/8tPlw+i2fHVOxdz/QrqLYN/IL2ssA/e4uCKJMTwLoN4Pm16j67IleNd7dpdFHm2Dcgbvmx3GZGk2MJvMAxBwd1FPPAndktrgzX2
go.exceluser.com/	1970-01-20 01:50:05	Name: cf_chl_2 Value: 42492a90d17e9d8
go.exceluser.com/	1970-01-20 01:50:05	Name: cf_chl_prog Value: F12
go.exceluser.com/	1970-01-20 01:50:05	Name: cf_chl_rc_ni Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae Message: Failed to load resource: the server responded with a status of 503 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://go.exceluser.com/queued_emails/3422347755/click?url=https%3A%2F%2Fgo.exceluser.com%2Fpage-1jitj0ns4%3Futm_content%3D13395195%26utm_medium%3DEmail%26utm_name%3DId%26utm_source%3DActionetics%26utm_term%3DEmail&signature=1f17f6e374c978aee2ea2065167f5eae Message: Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.exceluser.com
u25654755.ct.sendgrid.net
go.exceluser.com
167.89.118.35
2606:4700::6810:10c2
11d307c29fda413e666070729c6ca4650478ef5a9b9fb5e1e2fdcd7daa27b20f
154bf65996cd1b07be6f6d86cc4d46956244f40d6c52f03512cd8706a9aae310
1d0ac6b04390e1e92b6ead81b4d73ebd776f57f01d5bd10f1181145c35c1f093
57712348911ee610cab69e84f1fd51955d8618cafff5dd75b1b7ade6da3c6574
5d1decb0b7f9ee3efcc77a7850c89a45abe7bdefbf31cddf755901fe55cb45a2
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
91c9e8c94bea2b653b78755ac4d7ed6eabaf324dafb47e5c6919f67ef36c65ae
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
ecb3f4cd5415ce6a09b4d3261228b3c2a345b8b093148823347f57788b264f4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

go.exceluser.com Open in urlscan Pro 2606:4700::6810:10c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

85 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

146 kBTransfer

191 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

4 Cookies

4 Console Messages

Security Headers

Indicators

go.exceluser.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

146 kB
Transfer

191 kB
Size

4
Cookies

13 HTTP transactions
1 data transactions