Submitted URL: https://ix-event.com.tr/SQ/D4/?id=2049893031
Effective URL: https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
Submission: On July 01 via api from TR — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 14 domains to perform 10 HTTP transactions. The main IP is 188.95.252.78, located in and belongs to . The main domain is shopping-voucher02.topchance24-7.de.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 16th 2024. Valid for: 3 months.
This is the only time shopping-voucher02.topchance24-7.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:310... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.149.199 13335 (CLOUDFLAR...)
2 2600:9000:237... 16509 (AMAZON-02)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
2 2 54.197.115.225 14618 (AMAZON-AES)
1 1 188.95.252.33 ()
1 188.95.252.78 ()
1 104.18.10.207 ()
10 4
Domain Requested by
2 gowedoo.com 2 redirects
2 d3khua7ksvxesx.cloudfront.net
1 maxcdn.bootstrapcdn.com shopping-voucher02.topchance24-7.de
1 shopping-voucher02.topchance24-7.de d3khua7ksvxesx.cloudfront.net
shopping-voucher02.topchance24-7.de
1 gewinn-ometer.com 1 redirects
1 fly.bluejaymobi.com 1 redirects
1 smrturl.co 1 redirects
1 verification.str-x.xyz 1 redirects
1 ix-event.com.tr 1 redirects
0 static.cleverpush.com Failed shopping-voucher02.topchance24-7.de
0 fonts.googleapis.com Failed shopping-voucher02.topchance24-7.de
0 www.googletagmanager.com Failed shopping-voucher02.topchance24-7.de
0 www.google-analytics.com Failed shopping-voucher02.topchance24-7.de
0 ajax.aspnetcdn.com Failed shopping-voucher02.topchance24-7.de
10 14

This site contains no links.

Subject | Issuer | Validity | Valid
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
shopping-voucher02.topchance24-7.de | cPanel, Inc. Certification Authority | 2024-06-16 - 2024-09-14 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-05-25 - 2024-08-23 | 3 months

This page contains 1 frames:

Primary Page: https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
Frame ID: 5799B04F2E705622221733B4314C367C
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 10
HTTPS: 40 %
IPv6: 33 %
Domains: 14
Subdomains: 14
IPs: 4
Countries: 2
Transfer: 9 kB
Size: 125 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ix-event.com.tr/SQ/D4/?id=2049893031 HTTP 302
    https://verification.str-x.xyz/ HTTP 302
    https://smrturl.co/e143d85 HTTP 302
    https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b242e5671d2d8148c46157b6ec8e3682 Page URL
  2. https://fly.bluejaymobi.com/click?pid=3554&offer_id=81521&sub2=Cdbd14a91ef62a&sub5=237823&sub6=null&sub7=null HTTP 302
    https://gowedoo.com/?E=eIyiC%2f6E3mpe0tU4Naj%2fIw%3d%3d&s1=3554&s2=6682e757787d14000192203e&s3=237823 HTTP 302
    https://gowedoo.com/?E=eIyiC%2f6E3mpe0tU4Naj%2fIw%3d%3d&s1=3554&s2=6682e757787d14000192203e&s3=237823&ch-redir=1&ckmxid=cq1eemqi0001ri3dfdo0 HTTP 302
    https://gewinn-ometer.com/de,amazon,500euro,voucher,coreg,banner,headline,192,(old,178),optin,popup,aff_2645.html?idPartner=1601&subId=159&subIdentifier=3554&additionalParamString=91-16018990&tpid=34 HTTP 302
    https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ix-event.com.tr/SQ/D4/?id=2049893031 HTTP 302
  • https://verification.str-x.xyz/ HTTP 302
  • https://smrturl.co/e143d85 HTTP 302
  • https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b242e5671d2d8148c46157b6ec8e3682

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
smartLinkClick.php
d3khua7ksvxesx.cloudfront.net/public/dynamo/
Redirect Chain
  • https://ix-event.com.tr/SQ/D4/?id=2049893031
  • https://verification.str-x.xyz/
  • https://smrturl.co/e143d85
  • https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b24...
617 B
1016 B
Document
General
Full URL
https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b242e5671d2d8148c46157b6ec8e3682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:3200:b:fbce:c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
617
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 17:28:55 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
via
1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
x-amz-cf-id
XzdTb6wbAy-lA2te4rG1NW7nj43_9LTTZTieggtdpHi_rpetGsRvhA==
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
x-powered-by
PHP/7.4.11

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c81d807b2218db-FRA
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 17:28:55 GMT
location
https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b242e5671d2d8148c46157b6ec8e3682
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NTpFuaFJITrQ9OEGAt3chuhM01F%2FusSLTiy05T3PUTLhn8lg8IIhZW5zD3l3YBQcLeebZVLSptazPZp9VZHyGQgovB3JUVbdLzz4PRxqDiiIIUx8I%2BjBXehW8i%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.11
Primary Request campaign_4135.html
shopping-voucher02.topchance24-7.de/
Redirect Chain
  • https://fly.bluejaymobi.com/click?pid=3554&offer_id=81521&sub2=Cdbd14a91ef62a&sub5=237823&sub6=null&sub7=null
  • https://gowedoo.com/?E=eIyiC%2f6E3mpe0tU4Naj%2fIw%3d%3d&s1=3554&s2=6682e757787d14000192203e&s3=237823
  • https://gowedoo.com/?E=eIyiC%2f6E3mpe0tU4Naj%2fIw%3d%3d&s1=3554&s2=6682e757787d14000192203e&s3=237823&ch-redir=1&ckmxid=cq1eemqi0001ri3dfdo0
  • https://gewinn-ometer.com/de,amazon,500euro,voucher,coreg,banner,headline,192,(old,178),optin,popup,aff_2645.html?idPartner=1601&subId=159&subIdentifier=3554&additionalParamString=91-16018990&tpid=34
  • https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
94 KB
0
Document
General
Full URL
https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
Requested by
Host: d3khua7ksvxesx.cloudfront.net
URL: https://d3khua7ksvxesx.cloudfront.net/public/dynamo/smartLinkClick.php?offer_id=53359663&offer_position=1&visitor_id=Vdb99ed9ee3407&m=0&user_id=237823&it=4319812&key=d1d6a&s2=smart-e143d85&hash=b242e5671d2d8148c46157b6ec8e3682
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.95.252.78 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jul 2024 17:29:00 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 Jul 2024 17:28:59 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
favicon.ico
d3khua7ksvxesx.cloudfront.net/
0
279 B
Other
General
Full URL
https://d3khua7ksvxesx.cloudfront.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:3200:b:fbce:c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:28:56 GMT
via
1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
MUC50-P2
x-powered-by
PHP/7.4.11
x-cache
Error from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
_J-Tl_cjvXMqRH-E38-9-NmCVd6HagNm1ztM8uSHyNJ4skxuVq4R3g==
jquery-3.4.1.min.js
ajax.aspnetcdn.com/ajax/jQuery/
0
0

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: shopping-voucher02.topchance24-7.de
URL: https://shopping-voucher02.topchance24-7.de/campaign_4135.html?coyoteAffiliTokenId=515502721&additionalParamString=91-16018990&tpid=34&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://shopping-voucher02.topchance24-7.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:29:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2070759
cdn-cachedat
03/18/2024 12:28:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
bb792bb28d99edb841becb492f8c9e34
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
89c81da4cf4f9b21-FRA
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/
0
0

js
www.googletagmanager.com/gtag/
0
0

css2
fonts.googleapis.com/
0
0

2rMrCFW2WBGCqndJH.js
static.cleverpush.com/channel/loader/
0
0

375_glg-banner-top.png
shopping-voucher02.topchance24-7.de/media/adresseManager/bildverwaltung/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.aspnetcdn.com
URL
https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-QWM4Z8VE53
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Domain
static.cleverpush.com
URL
https://static.cleverpush.com/channel/loader/2rMrCFW2WBGCqndJH.js
Domain
shopping-voucher02.topchance24-7.de
URL
https://shopping-voucher02.topchance24-7.de/media/adresseManager/bildverwaltung/375_glg-banner-top.png

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • event (undefined)
  • fence (object)
  • sharedStorage (object)

9 Cookies

Domain/Path Name / Value
ix-event.com.tr/SQ/D4 Name: form_token
Value: 1evlhp2iak1cvj2nv736ermiug
ix-event.com.tr/ Name: PHPSESSID
Value: 1evlhp2iak1cvj2nv736ermiug
smrturl.co/ Name: CPABUILD_API
Value: 75924b0db84c38450d02
d3khua7ksvxesx.cloudfront.net/ Name: dynamo_v_id
Value: Vdb99ed9ee3407
fly.bluejaymobi.com/ Name: afclick
Value: 6682e757787d14000192203e
fly.bluejaymobi.com/ Name: afoffers
Value: {"81521":1719854935}
.gowedoo.com/ Name: sid
Value: RWPodCz6gMg+LLmTuYEmQYO8EzTZhDQiS2XYlk6F7gO537+2loBXXA==
.gowedoo.com/ Name: trk
Value: w5PzBhroGdk+LLmTuYEmQYO8EzTZhDQiS2XYlk6F7gO537+2loBXXA==
.gowedoo.com/ Name: c91
Value: RWPodCz6gMjX507WnMuIbKdwICo75Z3ar6Q7tx1eVdA=

1 Console Messages

Source Level URL
Text
network error URL: https://d3khua7ksvxesx.cloudfront.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()