Report - eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0

Report Overview

Submitted URL
eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0
IP
104.47.2.28
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-16 12:07:33
Access
public
Website Title
aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
Final URL
www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets.apollo.io	594681	2018-01-09	2020-08-10	2024-04-13	1.8 kB	182 kB	34.102.205.190
www.aptracking1.com	172275	2018-07-25	2018-08-13	2024-04-14	1.6 kB	35 kB	34.149.61.18
eur01.safelinks.protection.outlook.com	51790	1994-08-18	2017-01-29	2024-04-16	902 B	839 B	104.47.1.28
counterfeit-trouble-784092eb2860.herokuapp.com	unknown	2010-09-19	2024-04-16	2024-04-16	531 B	968 B	18.211.231.38

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9	305 B	2024-04-16	2024-04-16
Pretty URL www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 IP 34.149.61.18 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 14:07:34 Last Seen2024-04-16 14:09:24 Times Seen2 Hash 87891102c1b702d26fa80a206306a84d bbd5f56f6120af518009e2ca80fae9ca3b461aeb ca0d63dab33f9f5ea7968a4c28574040c8f6066c7cc86944317ed4370ade10f8 Loading...

	assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js	10 kB	2024-03-14	2024-04-29
Pretty URL assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js IP 34.102.205.190 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 10:00:11 Last Seen2024-04-29 18:49:50 Times Seen58 Hash 7d5ad8e7fba48ebbf2690bbd2dcb72f4 d60185d2aa6cb1c5a8d3139a19e6b6202d9b34a6 0297744cea33c39ca71fae8de0f2a273a529f348131cfd9fc46cd9bffe927a8d Loading...

	www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9	31 kB	2024-04-16	2024-04-16
Pretty URL www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 IP 34.149.61.18 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 14:07:34 Last Seen2024-04-16 14:09:24 Times Seen2 Hash 164484b6f02542d07d425aba55ebb204 53c73e4540191c3529a76fd94d968be444f2bfeb 15bbea26584add52bf2f9d5e5fda29a5161b020863770f41926836dfa66bff6d Loading...

	assets.apollo.io/js/unsubscribe-ui.js	348 kB	2024-04-16	2024-04-16
Pretty URL assets.apollo.io/js/unsubscribe-ui.js IP 34.102.205.190 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:07:34 Last Seen2024-04-16 14:07:34 Times Seen2 Hash 97579d4e4b5a5096424fee9eada4b09a a1ff12f9e66014fb81cfaef7a1d45ba189775bdf 5c0c980afa596f47e2ee8128218bf506fd1f60b297ec923afa19c53b76cf820e Loading...

	unknown	316 B	2024-04-16	2024-04-16
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2024-04-16 14:07:34 Last Seen2024-04-16 14:07:34 Times Seen1 Hash 1ed3cf6e825aaf44f898f7de6ed95958 86e3dc472d8c8e623b70fa33c7b6cac73af55c8e 09964d2ebc22f0d590df548f52443e0f7c154994b0770066c613435ec19b1580 Loading...

	assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js	164 kB	2024-04-16	2024-04-26
Pretty URL assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js IP 34.102.205.190 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 14:07:34 Last Seen2024-04-26 05:23:54 Times Seen16 Hash dade41ae1adf837e10f2d06b15065b04 9e4857b06dbc8386541f7d7615cd1c843c280d25 92975c4e4aead4c2ef7e6bec5e09809d57158f393be5f9901dd789550e46b5a8 Loading...

	assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js	109 kB	2024-03-14	2024-04-29
Pretty URL assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js IP 34.102.205.190 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-14 10:00:10 Last Seen2024-04-29 18:49:50 Times Seen56 Hash 6237a4cdcbce9cf5d73cec3f74e31bb5 b5a70c6ff79807ab4c204b6e686cf6d010b06214 e4a00f4b22b17bf91b23ea56f334544cf1679ae5ee643c5202163deb79aabd0b Loading...

HTTP Transactions (8)

	URL	IP	Response	Size
	eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0	104.47.1.28		202 B
URL eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0 IP 104.47.1.28:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document, ASCII text, with CRLF line terminators Size 202 B (202 bytes) Hash 6e9e1f4c56517c1ce88c9749bb59c2a2 41103d8999d2477b4ee9d016ebf7eadc0b161f46 a9d75bb3b3498c7656124cf09f3669104085ea371fec1d34656a24af1d91f599 HTTP Headers GET /?url=https%3A%2F%2Fcounterfeit-trouble-784092eb2860.herokuapp.com%2Fu%3Fmid%3D65ed7b06b3755200073363e9&data=05%7C02%7Cguyse%40elal.co.il%7C3c1a7a8b0c6941b5949b08dc5e03108a%7C4e65b2ce63ec4dff8fd9290082cc0def%7C0%7C0%7C638488614458805617%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C20000%7C%7C%7C&sdata=mgjEX5T6tvcELNQIKQ49fNs0DLZ%2BxyLjE0rIilAfQCA%3D&reserved=0 HTTP/1.1 Host: eur01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9 Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 4.0 X-SL-GetUrlReputation-Verdict: Good X-Robots-Tag: noindex, nofollow X-AspNet-Version: 4.0.30319 X-ServerName: VE1EUR01WS213 X-ServerVersion: 15.20.7495.016 X-ServerLat: 1010 X-SafeLinks-Tracking-Id: a9fd8902-76d0-41a3-d1dc-08dc5e0dbd3a X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Tue, 16 Apr 2024 12:07:08 GMT Connection: close Content-Length: 202

	counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9	18.211.231.38	307 Temporary Redirect	150 B
URL User Request GET HTTP/1.1 counterfeit-trouble-784092eb2860.herokuapp.com/u?mid=65ed7b06b3755200073363e9 IP 18.211.231.38:443 ASN #14618 AMAZON-AES Certificate IssuerAmazon Subject.herokuapp.com Fingerprint3B:29:54:6C:7D:F7:0A:37:A4:57:D7:95:85:10:EA:20:C4:29:FB:F6 ValiditySat, 02 Mar 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT File type HTML document, ASCII text Size 150 B (150 bytes) Hash f612864583537fae8bf94eb98be1c518 0873e1715de7739deef4bde2059dc8d7402e9f1d ccfbcfa9e685a99c77be7cf542a686c9d2b458f289ecce0bf9a662e2a3611f98 HTTP Headers GET /u?mid=65ed7b06b3755200073363e9 HTTP/1.1 Host: counterfeit-trouble-784092eb2860.herokuapp.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 307 Temporary Redirect Server: Cowboy Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1713269229&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=DmXPQ9UP4k2nxn5zxXZvl%2B39B%2Bt7D%2BOjFeLSgAhoLRI%3D"}]} Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1713269229&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=DmXPQ9UP4k2nxn5zxXZvl%2B39B%2Bt7D%2BOjFeLSgAhoLRI%3D Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Connection: keep-alive Content-Type: text/html; charset=utf-8 Location: https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 Date: Tue, 16 Apr 2024 12:07:09 GMT Content-Length: 150 Via: 1.1 vegur

	assets.apollo.io/js/unsubscribe-ui.js	34.102.205.190		104 kB
URL assets.apollo.io/js/unsubscribe-ui.js IP 34.102.205.190:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64641) Size 104 kB (104338 bytes) Hash 97579d4e4b5a5096424fee9eada4b09a a1ff12f9e66014fb81cfaef7a1d45ba189775bdf 5c0c980afa596f47e2ee8128218bf506fd1f60b297ec923afa19c53b76cf820e HTTP Headers `GET /js/unsubscribe-ui.js HTTP/1.1 Host: assets.apollo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.aptracking1.com DNT: 1 Connection: keep-alive Referer: https://www.aptracking1.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK x-guploader-uploadid: ABPtcPrStY8x6Y4FmQwdvBwFPxqqj91g9yspD73OaErnhJNQe0EM9ydehXUDMDMJtUr0tn9mxwY x-goog-generation: 1713263979892770 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 104338 content-encoding: gzip x-goog-hash: crc32c=y0705g==, md5=0IMQCBfCUTOvpUyQ8Ncqdw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 104338 access-control-allow-origin: * access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace server: UploadServer date: Tue, 16 Apr 2024 11:10:37 GMT last-modified: Tue, 16 Apr 2024 10:39:40 GMT etag: "d083100817c25133afa54c90f0d72a77" content-type: application/javascript age: 3393 cache-control: no-transform,public,immutable,max-age=1800 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js	34.102.205.190	200 OK	33 kB
URL GET HTTP/3 assets.apollo.io/js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js IP 34.102.205.190:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Requested by https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 Certificate IssuerGoogle Trust Services LLC Subjectassets.apollo.io Fingerprint9A:08:77:B9:F3:F5:99:42:B1:FD:72:6E:ED:0A:40:15:59:6E:CA:8F ValidityWed, 06 Mar 2024 18:07:04 GMT - Tue, 04 Jun 2024 19:00:37 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Size 33 kB (33086 bytes) Hash 6237a4cdcbce9cf5d73cec3f74e31bb5 b5a70c6ff79807ab4c204b6e686cf6d010b06214 e4a00f4b22b17bf91b23ea56f334544cf1679ae5ee643c5202163deb79aabd0b HTTP Headers `GET /js/bundle-app-production-8015-a4a05b611c31fdf0ac15.js HTTP/1.1 Host: assets.apollo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.aptracking1.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK x-guploader-uploadid: ABPtcPphX-9kEISyScBw2eRGOEY0eZQ1GQ8Igg--wfLClQeXvxd0RUjbuXYmOoChZTg8t56zZWg x-goog-generation: 1713263974067888 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 33086 content-encoding: gzip x-goog-hash: crc32c=p/6eJA==, md5=HqopAq21CHU5P2f8iE39qw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 33086 access-control-allow-origin: * access-control-expose-headers: * server: UploadServer date: Tue, 16 Apr 2024 11:19:37 GMT last-modified: Tue, 16 Apr 2024 10:39:34 GMT etag: "1eaa2902adb50875393f67fc884dfdab" content-type: application/javascript age: 2853 cache-control: no-transform,public,immutable,max-age=1800 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js	34.102.205.190		5.0 kB
URL assets.apollo.io/js/bundle-app-production-8627-07fdd6b2e595c0888e76.js IP 34.102.205.190:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JavaScript source, ASCII text, with very long lines (10042) Size 5.0 kB (4951 bytes) Hash 7d5ad8e7fba48ebbf2690bbd2dcb72f4 d60185d2aa6cb1c5a8d3139a19e6b6202d9b34a6 0297744cea33c39ca71fae8de0f2a273a529f348131cfd9fc46cd9bffe927a8d HTTP Headers `GET /js/bundle-app-production-8627-07fdd6b2e595c0888e76.js HTTP/1.1 Host: assets.apollo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.aptracking1.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK x-guploader-uploadid: ABPtcPqMQG56i754eKT-wzEhTqxyBKaC9gSFo0BvDWq-vV6aTNo-963ywAVuuR7z7Hkw7P12XldkrXC1jw x-goog-generation: 1713263976390971 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 4951 content-encoding: gzip x-goog-hash: crc32c=B2vTVw==, md5=+CGzQ+zoU2oBy/RaEqX6dg== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 4951 access-control-allow-origin: * access-control-expose-headers: * server: UploadServer date: Tue, 16 Apr 2024 11:19:56 GMT last-modified: Tue, 16 Apr 2024 10:39:36 GMT etag: "f821b343ece8536a01cbf45a12a5fa76" content-type: application/javascript age: 2834 cache-control: no-transform,public,immutable,max-age=1800 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js	34.102.205.190		36 kB
URL assets.apollo.io/js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js IP 34.102.205.190:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 36 kB (35888 bytes) Hash dade41ae1adf837e10f2d06b15065b04 9e4857b06dbc8386541f7d7615cd1c843c280d25 92975c4e4aead4c2ef7e6bec5e09809d57158f393be5f9901dd789550e46b5a8 HTTP Headers `GET /js/bundle-app-production-7012-aa5ef30cf39d392a8ad9.js HTTP/1.1 Host: assets.apollo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.aptracking1.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK x-guploader-uploadid: ABPtcPolsdUiOFTkHhyWuwGYPBKAZheFTre3VOCmdc6qjZfrrdK4ADFCQLSaKzqz3S3uDMDeZD0 x-goog-generation: 1713268547852588 x-goog-metageneration: 1 x-goog-stored-content-encoding: gzip x-goog-stored-content-length: 35888 content-encoding: gzip x-goog-hash: crc32c=QGj0SA==, md5=EGOTyu9QtW4Nv7LLNGA9Kw== x-goog-storage-class: MULTI_REGIONAL accept-ranges: bytes content-length: 35888 access-control-allow-origin: * access-control-expose-headers: * server: UploadServer date: Tue, 16 Apr 2024 12:03:24 GMT last-modified: Tue, 16 Apr 2024 11:55:47 GMT etag: "106393caef50b56e0dbfb2cb34603d2b" content-type: application/javascript age: 226 cache-control: no-transform,public,immutable,max-age=1800 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.aptracking1.com/favicon.ico	34.149.61.18		1.4 kB
URL www.aptracking1.com/favicon.ico IP 34.149.61.18:0 ASN #396982 GOOGLE-CLOUD-PLATFORM File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel Size 1.4 kB (1406 bytes) Hash 1f5103571dcb6984d79efd6e129d5c48 ade1688fda202178126ecb7a56e851d482c50fb4 0afb297fcaf9ac134966020c8cf37ad63121529f28a509a57b3c4ee502f14e13 HTTP Headers GET /favicon.ico HTTP/1.1 Host: www.aptracking1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 Cookie: X-CSRF-TOKEN=U8ZF2g5ZVmdkljlYHJd6_mIArBsFZFgIgB4UiB52woTwy6SsQItGIckLH58JtzP7pHgTU6lpICOmgAkYMw5srQ; _leadgenie_session=nUHRFZplpk7EcfnxDs5e18i91n%2FXHWajHH5KyzUhtRvYbWwlFoR6iOjp3NJmY4FQZra1LrKbHp3sHI%2F9epOKAGvS%2FPVPAjOpLoeEOdkyo5PTFWK5uiQsThBgPOTC40UESXT%2BGmadWHr5gyz67UVE7Y0Pz4%2F9xy1eeHNjXpTSNY0129bOtefuq6vHbSphT2rFf%2BsaethwRabniDuCcMjR7xkUGNgxTqFy9WmqKyVtVBHo4az1U1XK6wAC5n0nYGMpkbGYDiAmNXTvHAVt%2BWGqnqK%2BMUFCw138md0%3D--Tr0QiTJgYUQIqQ2j--VEikip1PX4%2FiLpPfuOCJQw%3D%3D; GCLB=CO2Rmqa69PvnpwEQAw Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 200 OK date: Tue, 16 Apr 2024 12:07:10 GMT content-type: image/x-icon content-length: 1406 last-modified: Tue, 16 Apr 2024 10:34:23 GMT etag: "661e542f-57e" server: nginx accept-ranges: bytes via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9	34.149.61.18	200 OK	32 kB
URL User Request GET HTTP/2 www.aptracking1.com/u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 IP 34.149.61.18:443 ASN #396982 GOOGLE-CLOUD-PLATFORM Certificate IssuerLet's Encrypt Subject.prod-gcp.apollo.io Fingerprint6E:FB:FB:5C:06:6F:11:C3:F2:AB:29:7D:52:2B:4E:A5:D0:8D:0A:07 ValidityWed, 28 Feb 2024 04:20:31 GMT - Tue, 28 May 2024 04:20:30 GMT File type JavaScript source, ASCII text, with very long lines (31013) Size 32 kB (32203 bytes) Hash 5fc788ef597ee034c74c6db56bf09b8c 8c5da934e70b359db845646f8845262430f9b531 64fb76ff715607d085e1f3f5e0c0f3f644e2a44f55a2582954824f6a97c5846a HTTP Headers GET /u?action=render_unsubscribe&controller=redirector&mid=65ed7b06b3755200073363e9 HTTP/1.1 Host: www.aptracking1.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=utf-8 vary: Accept-Encoding, Origin status: 200 OK x-transaction-id: def47983a71dca6a0e1ec82e200f99fa cache-control: max-age=0, private, must-revalidate strict-transport-security: max-age=3600 etag: W/"64fb76ff715607d085e1f3f5e0c0f3f6" x-frame-options: ALLOWALL x-content-type-options: nosniff content-security-policy: frame-ancestors 'self' chrome-extension://alhgpfoeiimagjlnfekdhkjlkiomcapa chrome-extension://ececkagaccnfmkopaiemklekhoimmgpn .salesforce.com *.lightning.force.com date: Tue, 16 Apr 2024 12:07:09 GMT set-cookie: X-CSRF-TOKEN=U8ZF2g5ZVmdkljlYHJd6_mIArBsFZFgIgB4UiB52woTwy6SsQItGIckLH58JtzP7pHgTU6lpICOmgAkYMw5srQ; path=/; secure; SameSite=Lax _leadgenie_session=nUHRFZplpk7EcfnxDs5e18i91n%2FXHWajHH5KyzUhtRvYbWwlFoR6iOjp3NJmY4FQZra1LrKbHp3sHI%2F9epOKAGvS%2FPVPAjOpLoeEOdkyo5PTFWK5uiQsThBgPOTC40UESXT%2BGmadWHr5gyz67UVE7Y0Pz4%2F9xy1eeHNjXpTSNY0129bOtefuq6vHbSphT2rFf%2BsaethwRabniDuCcMjR7xkUGNgxTqFy9WmqKyVtVBHo4az1U1XK6wAC5n0nYGMpkbGYDiAmNXTvHAVt%2BWGqnqK%2BMUFCw138md0%3D--Tr0QiTJgYUQIqQ2j--VEikip1PX4%2FiLpPfuOCJQw%3D%3D; path=/; secure; HttpOnly; SameSite=None GCLB=CO2Rmqa69PvnpwEQAw; path=/; HttpOnly; expires=Tue, 16-Apr-2024 12:17:09 GMT server: nginx content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (8)

URL

IP

ASN

File type

Size

Hash

HTTP Headers