webapp.senderglobal.com Open in urlscan Pro
109.68.80.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://informacion.novedadonline.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJmlkX2w9NTgxOS1kZWNiYmU,
Effective URL:
https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5Kjh...
Submission: On March 10 via api (March 10th 2022, 11:29:48 am UTC) from FR — Scanned from ES

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 8 HTTP transactions. The main IP is 109.68.80.210, located in Spain and belongs to AXARNET-AS, ES. The main domain is webapp.senderglobal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 19th 2021. Valid for: a year.

This is the only time webapp.senderglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	94.127.191.191 94.127.191.191	50926 (AXARNET-AS) (AXARNET-AS)
4 6	109.68.80.210 109.68.80.210	50926 (AXARNET-AS) (AXARNET-AS)
2	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	2606:4700::68... 2606:4700::6812:480	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.38.44.127 54.38.44.127	16276 (OVH) (OVH)
1	40.118.56.141 40.118.56.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
8	6

3 94.127.191.191 (Spain) 3 redirects

ASN50926 (AXARNET-AS, ES)
PTR: mailsrv30.abseli.net

informacion.novedadonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marketing.senderglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 109.68.80.210 (Spain) 4 redirects

ASN50926 (AXARNET-AS, ES)

webapp.senderglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2c40::c73c:67e1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

ofertas.gafas.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:480 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hsctaimages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.44.127 (France)

ASN16276 (OVH, FR)
PTR: cd19.servidorprimario.com

www.geoads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.118.56.141 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

securitasdirect.uinterbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	senderglobal.com 6 redirects marketing.senderglobal.com webapp.senderglobal.com	48 KB
2	doubleclick.net 1 redirects ad.doubleclick.net — Cisco Umbrella Rank: 181	994 B
2	gafas.es ofertas.gafas.es	71 KB
1	uinterbox.com securitasdirect.uinterbox.com	677 B
1	geoads.net www.geoads.net	341 B
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 6493	4 KB
1	hsctaimages.net 1 redirects hsctaimages.net — Cisco Umbrella Rank: 28728	369 B
1	novedadonline.com 1 redirects informacion.novedadonline.com	352 B
8	8

	Domain	Requested by
6	webapp.senderglobal.com	4 redirects webapp.senderglobal.com
2	ad.doubleclick.net	1 redirects webapp.senderglobal.com
2	ofertas.gafas.es	webapp.senderglobal.com
2	marketing.senderglobal.com	2 redirects
1	securitasdirect.uinterbox.com	webapp.senderglobal.com
1	www.geoads.net	webapp.senderglobal.com
1	cdn2.hubspot.net	webapp.senderglobal.com
1	hsctaimages.net	1 redirects
1	informacion.novedadonline.com	1 redirects
8	9

This site contains no links.

Subject Issuer	Validity	Valid
*.senderglobal.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-19` - `2022-05-19`	a year	crt.sh
ofertas.gafas.es Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Frame ID: 8D665CCEA38FD5191BECBF1D67185509
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://informacion.novedadonline.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJml... HTTP 301
http://marketing.senderglobal.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJml... HTTP 302
http://marketing.senderglobal.com/sgtrack.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=2&id_l=5819 HTTP 302
https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjM... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

8
Requests

50 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

120 kB
Transfer

116 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://informacion.novedadonline.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJmlkX2w9NTgxOS1kZWNiYmU, HTTP 301
http://marketing.senderglobal.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJmlkX2w9NTgxOS1kZWNiYmU, HTTP 302
http://marketing.senderglobal.com/sgtrack.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=2&id_l=5819 HTTP 302
https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,, Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5817 HTTP 302
https://hsctaimages.net/ctas/v2/public/cs/il/?pg=edaf9f9f-8dff-4049-83ac-01b5d437b039&pid=2859364&ecid={{encrypted_contact_id}}&hseid={{email_campaign_id}}&hsic={{impersonated_contact}} HTTP 307
https://cdn2.hubspot.net/hubshot/22/02/14/ffe37990-3cd9-481e-be7f-ee03d01dc32e.png

Request Chain 3

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5818 HTTP 302
https://www.geoads.net/apt/dvdp/76491fb4219756dec24b560e5/

Request Chain 4

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5704 HTTP 302
https://securitasdirect.uinterbox.com/tracking/imp?typ=def&act=11689&gel=69685&pub=8761&org=2675

Request Chain 5

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5705 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_pre=CKbiib-4u_YCFSfhuwgdfqIGGQ;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request preview2.php Show response
webapp.senderglobal.com/
Redirect Chain

http://informacion.novedadonline.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJmlkX2w9NTgxOS1kZWNiYmU,
http://marketing.senderglobal.com/sgcloud/XaWRfaz0yNjYzJmlkX2M9ODQmaWRfZT1hZmVybmFuZEBhZ2Jhci5uZXQmaWRfYT0yJmlkX2w9NTgxOS1kZWNiYmU,
http://marketing.senderglobal.com/sgtrack.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=2&id_l=5819
https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,

44 KB
44 KB

334ms
44ms

Document
text/html

109.68.80.210
AXARNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.68.80.210 , Spain, ASN50926 (AXARNET-AS, ES),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fadcc1c4c39960f72666749872862bf5b29d6f99535ef3034c7ec16aeec889fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: es-ES,es;q=0.9

Response headers

Date: Thu, 10 Mar 2022 11:31:39 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 10 Mar 2022 11:29:43 GMT
Server: Apache
X-Powered-By: PHP/5.6.40 PleskLin
Location: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gafas-es-Logo-ohneClaim-2021.png
ofertas.gafas.es/hs-fs/hubfs/New%20Logos/ 3 KB
4 KB 267ms
132ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertas.gafas.es/hs-fs/hubfs/New%20Logos/gafas-es-Logo-ohneClaim-2021.png?upscale=true&width=308&upscale=true&name=gafas-es-Logo-ohneClaim-2021.png
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194de5b8108d98c40a711a5813b915ea73766fe63a0cfa24a22dfa049148e7e5

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 11:29:43 GMT
via: 1.1 615f410a3a080a335933e9fa08c15260.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2660
cf-polished: origFmt=png, origSize=5832
edge-cache-tag: F-38213760398,FD-38213507744,P-2859364,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="gafas-es-Logo-ohneClaim-2021.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 14
content-length: 3208
x-amz-server-side-encryption: AES256
last-modified: Sat, 26 Feb 2022 03:38:04 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "e9724e048ba29c84d7640598870c8b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aR7GRjvN26MNPJBRP9mJE065PHOVqv2HIai3%2F4NwVzbvqqOXWz4iEmYAqsKjpzT1BDXD3Qa4JFxD8%2FXNwrKbwZeRBbWsLR4ZRv539pxUWXGoCqsMdJrME81jxu%2FuyVeAAHV788yW32TJhbUvJY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6e9bb6d918d469d8-MAD
x-amz-cf-id: Xu4xpuXoWX67did-_KeMIp0AkUvnjY00CBDPPg__sbU0AU-9u0-kCA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 14

GET
H2 200 NWS_Cover_Age_KW08_600x300_ES-1.jpg
ofertas.gafas.es/hs-fs/hubfs/ 66 KB
67 KB 233ms
99ms Image
image/webp 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ofertas.gafas.es/hs-fs/hubfs/NWS_Cover_Age_KW08_600x300_ES-1.jpg?upscale=true&width=1200&upscale=true&name=NWS_Cover_Age_KW08_600x300_ES-1.jpg
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: caf3b224e013d44c1f44ee505dcad4140ac3f3d727dd0088754ee063985b0f34

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 11:29:43 GMT
via: 1.1 199b065e4c1253c9590e1b5e57083906.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2660
cf-polished: qual=85, origFmt=jpeg, origSize=83419
edge-cache-tag: F-66207619229,P-2859364,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="NWS_Cover_Age_KW08_600x300_ES-1.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 14
content-length: 67434
x-amz-server-side-encryption: AES256
last-modified: Mon, 07 Mar 2022 17:24:25 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "0ee0be5ad9b5ad500b1154488e8031d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwo%2Fx24boB1j1GO1C1BdifCGgIRkF4%2BiUYDkYeOukHxAz2M4fEtvikm%2BaDmMZPcKYIOJCTyUI3aqSd8GD3gbjLmlz7HbJtIzL0d1sS1ntYSu1sjIGsFjCIvnDNMaUPTm%2FytM%2FgBKFxaZxX2iBt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6e9bb6d928d969d8-MAD
x-amz-cf-id: HH_N7Iof7Ar4XcjLN5XpJQ2tkKKf4TYkU1lufSUWamN9gKw0xi-SXA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 14

GET
H2

200

ffe37990-3cd9-481e-be7f-ee03d01dc32e.png
cdn2.hubspot.net/hubshot/22/02/14/
Redirect Chain

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5817
https://hsctaimages.net/ctas/v2/public/cs/il/?pg=edaf9f9f-8dff-4049-83ac-01b5d437b039&pid=2859364&ecid={{encrypted_contact_id}}&hseid={{email_campaign_id}}&hsic={{impersonated_contact}}
https://cdn2.hubspot.net/hubshot/22/02/14/ffe37990-3cd9-481e-be7f-ee03d01dc32e.png

3 KB
4 KB

118ms
46ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.hubspot.net/hubshot/22/02/14/ffe37990-3cd9-481e-be7f-ee03d01dc32e.png
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c36bbc7b324784c9a3a6be186b42f906e1ebd203022c5825684797f317633fc

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 11:29:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 51511
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="ffe37990-3cd9-481e-be7f-ee03d01dc32e.webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 11
content-length: 3130
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 11
last-modified: Mon, 14 Feb 2022 11:04:23 GMT
server: cloudflare
etag: "cc59eeacc474d8ac733b8e2f593099e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svbGLpqWEnYFw%2Fi66ahK9foxM5rGq1uOQkfiMtlo%2BROsnAbN8UUUG22VXp6QWIXysEUmk5k0LgfGbth49JmIvOgaKyesgmNv9EEKrjoL68jvA%2Fq23GznFM78LqeaQna3R9DDZKL%2BAnD2vy6QQCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-polished: origFmt=png, origSize=4533
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 6e9bb6dd99db669b-MAD
cf-bgj: imgq:85,h2pri

Redirect headers

date: Thu, 10 Mar 2022 11:29:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-hubspot-correlation-id: a085c316-0ab6-4aa3-8088-84acde6f6007
x-trace: 2B00100945D0705A691867E4BEC784376F4B7736EE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://cdn2.hubspot.net/hubshot/22/02/14/ffe37990-3cd9-481e-be7f-ee03d01dc32e.png
cache-control: max-age=0, no-cache, no-store
cf-ray: 6e9bb6dc2e4b69cc-MAD
x-robots-tag: noindex, follow

GET
H/1.1

200
OK

/
www.geoads.net/apt/dvdp/76491fb4219756dec24b560e5/
Redirect Chain

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5818
https://www.geoads.net/apt/dvdp/76491fb4219756dec24b560e5/

76 B
341 B

192ms
71ms

Image
image/png

54.38.44.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.geoads.net/apt/dvdp/76491fb4219756dec24b560e5/
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: HTTP/1.1
Server: 54.38.44.127 , France, ASN16276 (OVH, FR),
Reverse DNS: cd19.servidorprimario.com
Software: Apache /
Resource Hash: b0c7a656e088de4d317eeef2228ff6a801a3a19c72ec827b9370333b92a5bb70

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 11:29:44 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=1000
Expires: Sat, 09 Apr 2022 11:29:44 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 11:31:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Pingback: https://webapp.senderglobal.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Location: https://www.geoads.net/apt/dvdp/76491fb4219756dec24b560e5/
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 1
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1

200

imp
securitasdirect.uinterbox.com/tracking/
Redirect Chain

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5704
https://securitasdirect.uinterbox.com/tracking/imp?typ=def&act=11689&gel=69685&pub=8761&org=2675

35 B
677 B

351ms
146ms

Image
image/gif

40.118.56.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securitasdirect.uinterbox.com/tracking/imp?typ=def&act=11689&gel=69685&pub=8761&org=2675
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: HTTP/1.1
Server: 40.118.56.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: datracks /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 11:29:43 GMT
Server: datracks
ETag: ce1e4df911a24207b2ee954cda20d526
P3P: policyref="http://statsunify.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Type: image/gif
Content-Length: 35

Redirect headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 11:31:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Pingback: https://webapp.senderglobal.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Location: https://securitasdirect.uinterbox.com/tracking/imp?typ=def&act=11689&gel=69685&pub=8761&org=2675
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 1
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

B22270652.327178769;dc_pre=CKbiib-4u_YCFSfhuwgdfqIGGQ;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment...
ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/
Redirect Chain

https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=98&id_l=5705
https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc...
https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_pre=CKbiib-4u_YCFSfhuwgdfqIGGQ;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bweb...

42 B
220 B

80ms
79ms

Image
image/gif

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_pre=CKbiib-4u_YCFSfhuwgdfqIGGQ;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 11:29:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 11:29:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N428801.2559562SECURITASDIRECTES/B22270652.327178769;dc_pre=CKbiib-4u_YCFSfhuwgdfqIGGQ;dc_trk_aid=519167537;dc_trk_cid=165864747;data-dcm-param-afname=%7Bwebname%7D;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found action.php
webapp.senderglobal.com/ 1 B
399 B 554ms
476ms Image
text/html 109.68.80.210
AXARNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=99&id_l=0
Requested by: Host: webapp.senderglobal.com
URL: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.68.80.210 , Spain, ASN50926 (AXARNET-AS, ES),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: es-ES,es;q=0.9
Referer: https://webapp.senderglobal.com/preview2.php?cdc=aWQ9MTA2NyZpZENsaT04NCZlPWFmZXJuYW5kQGFnYmFyLm5ldCZrPTI2NjMmaWRfbGluaz01ODE5KjhlMjA2NA,,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 11:31:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Pingback: https://webapp.senderglobal.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 1
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ofertas.gafas.es/	1969-12-31 23:59:59	Name: __cfruid Value: 0ffdef3d7cf35bdbfe71780b6f7c196dc5ec3501-1646911783
webapp.senderglobal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ltl23gi9qmts69j1p4bjm53gn3
.doubleclick.net/	1970-01-20 01:28:32	Name: test_cookie Value: CheckForPermission
.uinterbox.com/	1970-01-20 19:01:10	Name: sunid2 Value: adfad42ccc75473e9357a1670f0572db
securitasdirect.uinterbox.com/	1970-01-20 19:01:10	Name: sunid Value: ce1e4df911a24207b2ee954cda20d526

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://webapp.senderglobal.com/action.php?id_k=2663&id_c=84&id_e=afernand@agbar.net&id_a=99&id_l=0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn2.hubspot.net
hsctaimages.net
informacion.novedadonline.com
marketing.senderglobal.com
ofertas.gafas.es
securitasdirect.uinterbox.com
webapp.senderglobal.com
www.geoads.net
109.68.80.210
142.250.186.134
2606:2c40::c73c:67e1
2606:4700::6811:f1cc
2606:4700::6812:480
40.118.56.141
54.38.44.127
94.127.191.191
194de5b8108d98c40a711a5813b915ea73766fe63a0cfa24a22dfa049148e7e5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
4c36bbc7b324784c9a3a6be186b42f906e1ebd203022c5825684797f317633fc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
b0c7a656e088de4d317eeef2228ff6a801a3a19c72ec827b9370333b92a5bb70
caf3b224e013d44c1f44ee505dcad4140ac3f3d727dd0088754ee063985b0f34
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fadcc1c4c39960f72666749872862bf5b29d6f99535ef3034c7ec16aeec889fe

webapp.senderglobal.com Open in urlscan Pro 109.68.80.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

38 %IPv6

8 Domains

9 Subdomains

6 IPs

4 Countries

120 kBTransfer

116 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

webapp.senderglobal.com Open in urlscan Pro
109.68.80.210 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

38 %
IPv6

8
Domains

9
Subdomains

6
IPs

4
Countries

120 kB
Transfer

116 kB
Size

5
Cookies

8 HTTP transactions
0 data transactions