Submitted URL: http://netfilx.cc/r.php?q=O5apDXPKrGAO3JL17tBiyL3/YOmZnuzVtkKU5lZ8bfcXT5AcfHUECB0zhq28cpKZ3ik0uAVJu5zuGh/iQlfvb/Qr...
Effective URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Submission: On March 28 via api from BE

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 17 HTTP transactions. The main IP is 94.130.207.40, located in Germany and belongs to HETZNER-AS, DE. The main domain is benl.testpasta.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 17th 2020. Valid for: 3 months.
This is the only time benl.testpasta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 benl.testpasta.com benl.testpasta.com
3 www.facebook.com benl.testpasta.com
2 connect.facebook.net benl.testpasta.com, connect.facebook.net
2 maxcdn.bootstrapcdn.com benl.testpasta.com
1 fonts.gstatic.com benl.testpasta.com
1 www.googletagmanager.com benl.testpasta.com
1 ajax.googleapis.com benl.testpasta.com
1 use.fontawesome.com benl.testpasta.com
1 fonts.googleapis.com benl.testpasta.com
1 campaign.golead7.eu 1 redirects
1 addservicemedia.go2cloud.org 1 redirects
1 tracking.rmkr.lu 1 redirects
1 netfilx.cc 1 redirects
17 13
Subject                  Issuer                                          Validity                  Valid
befr.testpasta.com       Let's Encrypt Authority X3                      2020-03-17 - 2020-06-15   3 months
*.storage.googleapis.com GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
*.bootstrapcdn.com       Sectigo RSA Domain Validation Secure Server CA  2019-09-14 - 2020-10-13   a year
*.fontawesome.com        DigiCert SHA2 Secure Server CA                  2019-10-28 - 2020-12-23   a year
*.google-analytics.com   GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
*.google.com             GTS CA 1O1                                      2020-03-03 - 2020-05-26   3 months
*.facebook.com           DigiCert SHA2 High Assurance Server CA          2020-03-01 - 2020-05-30   3 months

This page contains 1 frames:

Primary Page: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Frame ID: 71533CEE649DA7E1D3C1251A40B4290E
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

17 Requests
100 % HTTPS
58 % IPv6
12 Domains
13 Subdomains
9 IPs
4 Countries
601 kB Transfer
1366 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://netfilx.cc/r.php?q=O5apDXPKrGAO3JL17tBiyL3/YOmZnuzVtkKU5lZ8bfcXT5AcfHUECB0zhq28cpKZ3ik0uAVJu5zuGh/iQlfvb/QrZfVs4up87IxCDuQR0Iw= HTTP 302
    https://tracking.rmkr.lu/aff_c?offer_id=12187&aff_id=4882/531/385/19520/25 HTTP 302
    https://addservicemedia.go2cloud.org/aff_c?offer_id=255&aff_id=1025&aff_sub2=102068194611f7f94f3978582de5d7&source=4882 HTTP 302
    https://campaign.golead7.eu/benl,testpasta,com_70.html?idPartner=13&idCampaignAd=0&subId=1025&subIdentifier=102c70ca472d6f20de48b6a725b13e HTTP 302
    https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set campaign_131.html
benl.testpasta.com/
Redirect Chain
  • http://netfilx.cc/r.php?q=O5apDXPKrGAO3JL17tBiyL3/YOmZnuzVtkKU5lZ8bfcXT5AcfHUECB0zhq28cpKZ3ik0uAVJu5zuGh/iQlfvb/QrZfVs4up87IxCDuQR0Iw=
  • https://tracking.rmkr.lu/aff_c?offer_id=12187&aff_id=4882/531/385/19520/25
  • https://addservicemedia.go2cloud.org/aff_c?offer_id=255&aff_id=1025&aff_sub2=102068194611f7f94f3978582de5d7&source=4882
  • https://campaign.golead7.eu/benl,testpasta,com_70.html?idPartner=13&idCampaignAd=0&subId=1025&subIdentifier=102c70ca472d6f20de48b6a725b13e
  • https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
102 KB
25 KB
Document
General
Full URL
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
aecfff90b43857ecc0407ddceae83ec7904c502b6558bab052a4245959481c55

Request headers

Host
benl.testpasta.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Sat, 28 Mar 2020 12:25:47 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=l0jv33ent3se4fsvrvq4lfp7r7; path=/; secure; HttpOnly
coyoteAffiliTokenId131=414847; expires=Sat, 28-Mar-2020 16:25:47 GMT; Max-Age=14400; path=/; secure
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
24779
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 28 Mar 2020 12:25:46 GMT
Server
Apache/2.4.29 (Ubuntu)
Set-Cookie
PHPSESSID=sdoljijd94ug9fh4up7ann8ti0; path=/; secure; HttpOnly
coyoteTrackingCookie_70=414847; expires=Mon, 27-Apr-2020 12:25:47 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed7.eu
coyoteSimpleTrackingCookie=414847; expires=Mon, 27-Apr-2020 12:25:47 GMT; Max-Age=2592000; path=/;samesite=None; Secure; domain=golaed7.eu
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Content-Length
5
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
css
fonts.googleapis.com/
4 KB
583 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ac82e3a08fc84aada4c11b43c1ab033f21761c29f02481ea5d958f8d98a437e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 28 Mar 2020 12:25:47 GMT
server
ESF
date
Sat, 28 Mar 2020 12:25:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 28 Mar 2020 12:25:47 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 28 Mar 2020 12:25:47 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
access-control-allow-origin
*
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
19740
all.css
use.fontawesome.com/releases/v5.5.0/css/
50 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Origin
https://benl.testpasta.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 12:25:47 GMT
content-encoding
gzip
last-modified
Fri, 02 Nov 2018 15:16:46 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 14:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1981178
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Mar 2021 14:06:09 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
10 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 12:25:47 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:51 GMT
access-control-allow-origin
*
etag
"1544639631"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
9832
dynamicCoreg.js
benl.testpasta.com/templates/js/
6 KB
2 KB
Script
General
Full URL
https://benl.testpasta.com/templates/js/dynamicCoreg.js
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
3c7e653517a4113fd021f2a0faf55caa8c8aa7ab622e0d973500360321bc0a67

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 28 Mar 2020 12:25:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Feb 2020 05:11:29 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"18ec-59ed2b4542673-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1857
gtm.js
www.googletagmanager.com/
52 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NT6C9N2
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75952ee3d77bc667102a87a5cc6cc6290584af6f37eae5954d58841325880aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 28 Mar 2020 12:25:47 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
20131
x-xss-protection
0
last-modified
Sat, 28 Mar 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 28 Mar 2020 12:25:47 GMT
campaign_131.html
benl.testpasta.com/
36 KB
36 KB
Image
General
Full URL
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Sat, 28 Mar 2020 12:25:47 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
24777
Expires
Thu, 19 Nov 1981 08:52:00 GMT
header,pasta,benl.jpg
benl.testpasta.com/media/adresseManager/microSiteImg/131/
276 KB
276 KB
Image
General
Full URL
https://benl.testpasta.com/media/adresseManager/microSiteImg/131/header,pasta,benl.jpg
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d3fcdb4a1d818e86b3537c879a80713e7da5d101483bb9a0163fb8de8149f839

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 12:25:47 GMT
Last-Modified
Tue, 24 Mar 2020 14:53:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"44eac-5a19aeb066cb2"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
282284
6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
fonts.gstatic.com/s/quicksand/v20/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v20/6xKtdSZaM9iE8KbpRA_hK1QNYuDyPw.woff2
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b47478ebfad192488b281cb20b85ef93444ff24c547c4a03511e400defb38aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Quicksand:300,400,500,700
Origin
https://benl.testpasta.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 09:22:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 Feb 2020 23:46:37 GMT
server
sffe
age
1911772
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
26160
x-xss-protection
0
expires
Sat, 06 Mar 2021 09:22:55 GMT
select,arrow.png
benl.testpasta.com/media/adresseManager/microSiteImg/131/
1 KB
1 KB
Image
General
Full URL
https://benl.testpasta.com/media/adresseManager/microSiteImg/131/select,arrow.png
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s1.golead7.eu
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 12:25:47 GMT
Last-Modified
Tue, 24 Mar 2020 14:48:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"44e-5a19ad750aea2"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1102
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
Xnh9xwQqdxmJ2rHOIOvoqK7jrzGXyQJiLD5Br1Ln+2SJMs7ZkhRGEtMBtdqzyaDnazdQDtwiJt7OqwtkYUhp5g==
x-fb-trip-id
1850256238
date
Sat, 28 Mar 2020 12:25:47 GMT, Sat, 28 Mar 2020 12:25:47 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
451549789018811
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/451549789018811?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93c850137774b48d06b0be20294777c22ad3a01b79310acca5d56fc374039205
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
3zaCAt6LNYSrAbL0z6CziwLARz7muUdeAtadz6vAar93UzvO4qnGLnQ/OrbE8BO/6tWN7DCp0D+lQQmFw6r08g==
x-fb-trip-id
1850256238
date
Sat, 28 Mar 2020 12:25:47 GMT, Sat, 28 Mar 2020 12:25:47 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=451549789018811&ev=PageView&dl=https%3A%2F%2Fbenl.testpasta.com%2Fcampaign_131.html%3FcoyoteAffiliTokenId%3D414847%26&rl=&if=false&ts=1585398347617&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585398347616.1327075470&it=1585398347484&coo=false&rqm=GET
Requested by
Host: benl.testpasta.com
URL: https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 12:25:47 GMT, Sat, 28 Mar 2020 12:25:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sat, 28 Mar 2020 12:25:47 GMT
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=451549789018811&ev=Microdata&dl=https%3A%2F%2Fbenl.testpasta.com%2Fcampaign_131.html%3FcoyoteAffiliTokenId%3D414847%26&rl=&if=false&ts=1585398349120&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TEST%20PASTA%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585398347616.1327075470&it=1585398347484&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 12:25:49 GMT, Sat, 28 Mar 2020 12:25:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sat, 28 Mar 2020 12:25:49 GMT
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=451549789018811&ev=ViewContent&dl=https%3A%2F%2Fbenl.testpasta.com%2Fcampaign_131.html%3FcoyoteAffiliTokenId%3D414847%26&rl=&if=false&ts=1585398357471&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1585398357471.1583065528&it=1585398347484&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://benl.testpasta.com/campaign_131.html?coyoteAffiliTokenId=414847&
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 12:25:57 GMT, Sat, 28 Mar 2020 12:25:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Sat, 28 Mar 2020 12:25:57 GMT


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| $
  • function| jQuery
  • object| dataLayer
  • number| globalCoregJavaSciptFunctionsLoaded
  • string| globalDatasetToken
  • number| globalCampaignId
  • string| globalAjaxUrl
  • function| setAjaxUrl
  • function| setDatasetToken
  • function| setCampaignId
  • function| coregsend
  • function| validateAndSend
  • function| getAllValues
  • object| google_tag_manager
  • function| handler
  • object| page3
  • object| page4
  • function| fbq
  • function| _fbq

3 Cookies

Domain/Path Name / Value
.testpasta.com/ Name: _fbp
Value: fb.1.1585398347616.1327075470
benl.testpasta.com/ Name: coyoteAffiliTokenId131
Value: 414847
benl.testpasta.com/ Name: PHPSESSID
Value: l0jv33ent3se4fsvrvq4lfp7r7

1 Console Messages

Source Level URL
Text
console-api log URL: https://benl.testpasta.com/templates/js/dynamicCoreg.js(Line 35)
Message:
dynamicCoreg initialised

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
