link.email.newstitresdepressenlworld.com Open in urlscan Pro
81.92.125.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.email.newstitresdepressenlworld.com/m/surl/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/link_0/XP5M3QBp68oqsvWM+fvT5i4...
Effective URL:
http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Submission: On February 22 via api (February 22nd 2022, 6:56:10 pm UTC) from BE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 4 domains to perform 14 HTTP transactions. The main IP is 81.92.125.211, located in Belgium and belongs to EMAILVISION, BE. The main domain is link.email.newstitresdepressenlworld.com.

This is the only time link.email.newstitresdepressenlworld.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	81.92.125.211 81.92.125.211	39905 (EMAILVISION) (EMAILVISION)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
6	13.32.121.104 13.32.121.104	16509 (AMAZON-02) (AMAZON-02)
1	63.33.182.127 63.33.182.127	16509 (AMAZON-02) (AMAZON-02)
1	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	6

3 81.92.125.211 (Belgium) 1 redirects

ASN39905 (EMAILVISION, BE)

link.email.newstitresdepressenlworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.121.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-104.fra60.r.cloudfront.net

cdn.newstitresdepressenlworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.182.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-182-127.eu-west-1.compute.amazonaws.com

tr.newstitresdepressenlworld.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

immowise.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	newstitresdepressenlworld.com 1 redirects link.email.newstitresdepressenlworld.com cdn.newstitresdepressenlworld.com tr.newstitresdepressenlworld.com	795 KB
2	gstatic.com fonts.gstatic.com	40 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	go2cloud.org immowise.go2cloud.org	523 B
14	4

	Domain	Requested by
6	cdn.newstitresdepressenlworld.com	link.email.newstitresdepressenlworld.com
3	link.email.newstitresdepressenlworld.com	1 redirects link.email.newstitresdepressenlworld.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	link.email.newstitresdepressenlworld.com
1	immowise.go2cloud.org	link.email.newstitresdepressenlworld.com
1	tr.newstitresdepressenlworld.com	link.email.newstitresdepressenlworld.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Frame ID: A034AAC53041045FD0F94712B4F77617
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DuneHotel

Page URL History Show full URLs

http://link.email.newstitresdepressenlworld.com/m/surl/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/link_0/XP5... HTTP 307
http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg= Page URL

Page Statistics

14
Requests

29 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

4
Countries

836 kB
Transfer

842 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.email.newstitresdepressenlworld.com/m/surl/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/link_0/XP5M3QBp68oqsvWM+fvT5i4Y3CMH9eWFxQKXHmWxlKn1Zd24yHRfpcRgmNHZv4I-lc5ySGJ1-G5FIQ-T4TnX38o9SCKztfrmkCqAVQpuAYLLwNu5Rp9j5y3Bt9o4eNVxIRCFHpePYkhwyZMHsh+wyWrgiQ96VyFNZ1QaZq6b79W-BERV2dn0SKXfKsTfAd+L HTTP 307
http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg= Show response
link.email.newstitresdepressenlworld.com/m/view/200335/580433/
Redirect Chain

http://link.email.newstitresdepressenlworld.com/m/surl/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/link_0/XP5M3QBp68oqsvWM+fvT5i4Y3CMH9eWFxQKXHmWxlKn1Zd24yHRfpcRgmNHZv4I-lc5ySGJ1-G5F...
http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=

13 KB
5 KB

803ms
803ms

Document
text/html

81.92.125.211
EMAILVISION

General

Check archive.org

Show headers Download Go to

Full URL

http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=

Protocol

HTTP/1.1

Server

81.92.125.211 , Belgium, ASN39905 (EMAILVISION, BE),

Reverse DNS

Software

nginx /

Resource Hash

3712267012b604630d6cb8857167908b1a4af4607b40156846a63eca170ad075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 22 Feb 2022 18:56:05 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Disposition: inline
Cache-Control: max-age=2160000,s-maxage=2160000
expires: Sat, 19 Mar 2022 18:56:04 GMT
X-Robots-Tag: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: DENY
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 22 Feb 2022 18:56:04 GMT
Location: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 55ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@400&display=swap

Requested by

Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58354dd084faaae1b520af921de310bd2d26d4f1e648743944268ba50f48c315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 18:56:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 18:56:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 18:56:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
605 B 57ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@700&display=swap

Requested by

Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

013aceb109670006c5c220b23a50df26c0cbd4956019052c1a09fcfbd8f69c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 17:51:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Feb 2022 18:56:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Feb 2022 18:56:05 GMT

GET
H/1.1 200 transpix.gif
link.email.newstitresdepressenlworld.com/m/opening/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/ 43 B
363 B 20ms
19ms Image
image/gif 81.92.125.211
EMAILVISION

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://link.email.newstitresdepressenlworld.com/m/opening/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=/transpix.gif

Requested by

Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=

Protocol

HTTP/1.1

Server

81.92.125.211 , Belgium, ASN39905 (EMAILVISION, BE),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 18:56:05 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: DENY
Content-Type: image/gif
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK dune2_61bcb987d526f.jpeg
cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/ 156 KB
156 KB 43ms
7ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/dune2_61bcb987d526f.jpeg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d7671c259054a2298c9b685f7f3a8733bbab56d122f3f586e5ddd923b96e61a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 10:02:57 GMT
Via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 10:40:33 GMT
Server: AmazonS3
Age: 51422
ETag: "027ce308ec4dea2b44610de40087a0bb"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 159526
X-Amz-Cf-Id: zGRna3-23d96kNzhHIm_yb8SZWUAUdzn8Kekja3bFHfaVrknwMj5kw==

GET
H/1.1 200
OK dune3_61bcb98860775.jpeg
cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/ 7 KB
8 KB 49ms
14ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/dune3_61bcb98860775.jpeg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b232eacf3f4d7847ef50bc51e6d334387b3924e17187afa64f77ef742f93d4a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 04:13:29 GMT
Via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 10:40:33 GMT
Server: AmazonS3
Age: 52957
ETag: "71ae1bbd7403f32f15edc51aaf9ce3e5"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 7313
X-Amz-Cf-Id: Bsv3zDFygGktsZ1OPBcZoLLXsCV6fhCGW3X18KSdxpLI3_MjFxS_4w==

GET
H/1.1 200
OK dune4_61bcb98896186.jpeg
cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/ 37 KB
38 KB 47ms
11ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/dune4_61bcb98896186.jpeg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a80575bc867fdf00ac5fbdeceff40a2d2b8a3188ba898cbf5a8cea398d7327f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 01:21:48 GMT
Via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 10:40:34 GMT
Server: AmazonS3
Age: 63258
ETag: "8201eb82f39659a7de3e0a6c26022ee8"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 38380
X-Amz-Cf-Id: aZRNXNbAyE8vDdCstJh3LJTolA6MG-d86WFBELVsky5xiP7xspOPFg==

GET
H/1.1 200
OK dune5_61bcb988dc3f3.jpeg
cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/ 177 KB
177 KB 45ms
9ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/dune5_61bcb988dc3f3.jpeg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2474a52fc350086db4babba7d7341f49b6ef62dd4fabf998008e1b8ccb9e7a50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 22 Feb 2022 08:46:52 GMT
Via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 10:40:36 GMT
Server: AmazonS3
Age: 36554
ETag: "e211e7b239d916ff66ad093cbbc41761"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 181036
X-Amz-Cf-Id: ZAHu-W4auSVWeHB8Z8f3_kuyvC0OrhS2PCWwGsNsdEi-gyU73fTQ_A==

GET
H/1.1 200
OK dune1_61bcb9895b422.jpeg
cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/ 395 KB
396 KB 50ms
14ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/3536b623f27c4e8c7880406dc58a79dd/01/dune1_61bcb9895b422.jpeg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac1b210eba40435acd3b44da538dfdd20268a4f992496a29c07d5c5da332fc88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 23:33:10 GMT
Via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
Last-Modified: Wed, 09 Feb 2022 10:40:38 GMT
Server: AmazonS3
Age: 69776
ETag: "9587313f73be13fef403ff275c3e32d4"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 404820
X-Amz-Cf-Id: sGthU-zFhcrRlWA9M4rBSqt5mB35UdbZagXDSELCgqGwy4HKVy_5eQ==

GET
H/1.1 200
OK footer_61431d2baabcd.jpg
cdn.newstitresdepressenlworld.com/wpt/ 14 KB
14 KB 44ms
9ms Image
image/jpeg 13.32.121.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.newstitresdepressenlworld.com/wpt/footer_61431d2baabcd.jpg
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 13.32.121.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fd49f967b1ece1ba1e44afa12380ef41199354ff3daa989f30e61868c16c98b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 21 Feb 2022 23:07:31 GMT
Via: 1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront)
Last-Modified: Thu, 16 Sep 2021 10:32:24 GMT
Server: AmazonS3
Age: 71315
ETag: "15f1dc98c6d737861dd263f0c6b22b1d"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 14257
X-Amz-Cf-Id: z-uRqXIS0hHM7_f3xUCXZGbrxKyiDPczP9x8AAHoNPiTQ3lqgYWpiQ==

GET
H/1.1 200
OK open
tr.newstitresdepressenlworld.com/ 0
0 72ms
37ms Image
text/html 63.33.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tr.newstitresdepressenlworld.com/open?bid=1&cid=175558&eid=946685&uid=2617873&gid=&geo=BE_NL&nid=70802&did=&dld=65
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 63.33.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK aff_i
immowise.go2cloud.org/ 43 B
523 B 65ms
31ms Image
image/gif 52.210.174.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://immowise.go2cloud.org/aff_i?offer_id=102&aff_id=1&file_id=93
Requested by: Host: link.email.newstitresdepressenlworld.com
URL: http://link.email.newstitresdepressenlworld.com/m/view/200335/580433/nyeV-Mt4SfNvgPv18rXGwzvyJbM0yX5mbN24UF1WFeg=
Protocol: HTTP/1.1
Server: 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://link.email.newstitresdepressenlworld.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Feb 2022 18:56:05 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1022ea6864b77c867cbeebadb0dff2
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: 12a1883dcbaa78196d6a56558c647258
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v28/ 19 KB
20 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://link.email.newstitresdepressenlworld.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 21:28:42 GMT
x-content-type-options: nosniff
age: 509243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:30 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 21:28:42 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v28/ 20 KB
20 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v28/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://link.email.newstitresdepressenlworld.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 21:28:42 GMT
x-content-type-options: nosniff
age: 509243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 02:22:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Feb 2023 21:28:42 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.newstitresdepressenlworld.com
fonts.googleapis.com
fonts.gstatic.com
immowise.go2cloud.org
link.email.newstitresdepressenlworld.com
tr.newstitresdepressenlworld.com
13.32.121.104
2a00:1450:4001:810::2003
2a00:1450:4001:827::200a
52.210.174.128
63.33.182.127
81.92.125.211
013aceb109670006c5c220b23a50df26c0cbd4956019052c1a09fcfbd8f69c1c
2474a52fc350086db4babba7d7341f49b6ef62dd4fabf998008e1b8ccb9e7a50
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3712267012b604630d6cb8857167908b1a4af4607b40156846a63eca170ad075
3fd49f967b1ece1ba1e44afa12380ef41199354ff3daa989f30e61868c16c98b
58354dd084faaae1b520af921de310bd2d26d4f1e648743944268ba50f48c315
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
7a80575bc867fdf00ac5fbdeceff40a2d2b8a3188ba898cbf5a8cea398d7327f
9d7671c259054a2298c9b685f7f3a8733bbab56d122f3f586e5ddd923b96e61a
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
ac1b210eba40435acd3b44da538dfdd20268a4f992496a29c07d5c5da332fc88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232eacf3f4d7847ef50bc51e6d334387b3924e17187afa64f77ef742f93d4a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

link.email.newstitresdepressenlworld.com Open in urlscan Pro 81.92.125.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

29 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

6 IPs

4 Countries

836 kBTransfer

842 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

link.email.newstitresdepressenlworld.com Open in urlscan Pro
81.92.125.211 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

29 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

4
Countries

836 kB
Transfer

842 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions