Submitted URL: http://cwin.online/
Effective URL: https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
Submission: On April 14 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 52.223.26.90, located in United States and belongs to AMAZON-02, US. The main domain is jeuske.qncehjbgk.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: a year.
This is the only time jeuske.qncehjbgk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 45.64.53.81 64050 (BCPL-SG B...)
4 52.223.26.90 16509 (AMAZON-02)
6 99.83.215.239 ()
13 3
Apex Domain / Subdomains / Transfer
6 getwakeup.com / ewtakg.getwakeup.com / 40 KB
4 qncehjbgk.com / jeuske.qncehjbgk.com / 282 KB
2 cwin.online / cwin.online / 407 B
13 3
Domain Requested by
6 ewtakg.getwakeup.com jeuske.qncehjbgk.com
4 jeuske.qncehjbgk.com jeuske.qncehjbgk.com
2 cwin.online 2 redirects
13 3

This site contains no links.

Subject / Issuer / Validity / Valid
*.livehelp100service.com / Amazon RSA 2048 M01 / 2023-02-28 - 2024-03-28 / a year

This page contains 3 frames:

Primary Page: https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
Frame ID: 20BD81F1365099127406658FB9C4F0FB
Requests: 6 HTTP requests in this frame

Frame: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Frame ID: E639F65D3B4422A1A079B12C89944C1F
Requests: 6 HTTP requests in this frame

Frame: https://jeuske.qncehjbgk.com/visitorside/js/p2pchat.1f27b3e5c5afc9b913cff267463334fa.js
Frame ID: BE15F8D2870A7C91758047606B772D00
Requests: 1 HTTP requests in this frame

Page Title

Loading...

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 13
HTTPS: 77 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 323 kB
Size: 1252 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cwin.online/ HTTP 301
    https://cwin.online:6688/ HTTP 301
    https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request chatwindow.aspx
jeuske.qncehjbgk.com/
Redirect Chain
  • http://cwin.online/
  • https://cwin.online:6688/
  • https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
13 KB
6 KB
Document
General
Full URL
https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.26.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1385b7f5c44ce1d7.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e9b1082f12c7ac3e1f3c64b73f1acaaa243aff1904d76fa952ce0acce7bf2a26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 14 Apr 2023 16:28:09 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Fri, 14 Apr 2023 16:28:05 GMT
location
https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
server
nginx
strict-transport-security
max-age=31536000
livechat.ashx
jeuske.qncehjbgk.com/
1 KB
1 KB
Script
General
Full URL
https://jeuske.qncehjbgk.com/livechat.ashx?siteId=60001528
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.26.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1385b7f5c44ce1d7.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
29951a7adc0f8dbe7d609d1e9adc9d92713c9faec9ded338b89bd55029b9dd32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:10 GMT
server
Kestrel
content-length
1364
content-type
application/x-javascript; charset=utf-8
bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
jeuske.qncehjbgk.com/visitorside/js/ Frame E639
1 MB
264 KB
Script
General
Full URL
https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/livechat.ashx?siteId=60001528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.26.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1385b7f5c44ce1d7.awsglobalaccelerator.com
Software
nginx/1.22.1 /
Resource Hash
c777b7e1fbc3327cc6b1f221228bfeb0c5ff0e1cc6b5357ac630f18a4894ac4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:12 GMT
content-encoding
br
last-modified
Thu, 06 Apr 2023 02:57:02 GMT
server
nginx/1.22.1
etag
W/"642e34fe-123491"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
visitor.ashx
ewtakg.getwakeup.com/ Frame E639
1 KB
1 KB
XHR
General
Full URL
https://ewtakg.getwakeup.com/visitor.ashx?siteId=60001528
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
72c6d5db745be52981aa091a5fd2ea85da98a7008ae5fd17915dd5c2a390d343

Request headers

Referer
https://jeuske.qncehjbgk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Apr 2023 16:28:14 GMT
content-encoding
gzip
arr
arr1
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-type
text/json; charset=utf-8
access-control-allow-origin
https://jeuske.qncehjbgk.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
728
visitor.ashx
ewtakg.getwakeup.com/ Frame E639
1 KB
1 KB
XHR
General
Full URL
https://ewtakg.getwakeup.com/visitor.ashx?siteId=60001528
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
abb5d52dae0fca5327f5a735f5b5ec1aa8ab34a1600a29af8ec2c57912da21ad

Request headers

Referer
https://jeuske.qncehjbgk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Apr 2023 16:28:14 GMT
content-encoding
gzip
arr
arr1
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-type
text/json; charset=utf-8
access-control-allow-origin
https://jeuske.qncehjbgk.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
593
campaign.ashx
ewtakg.getwakeup.com/ Frame E639
9 KB
5 KB
XHR
General
Full URL
https://ewtakg.getwakeup.com/campaign.ashx?siteId=60001528&campaignId=bcfa7f82-ede6-4857-941f-3b9c153941c7&lastUpdateTime=1F3B65F3
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
0322a74845a376ef5769bc568a6dbeb0f294c41d9b549581442ea80d00bfa627

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:15 GMT
content-encoding
gzip
arr
arr1
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
vary
Accept-Encoding
content-type
text/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
4296
visitor.ashx
ewtakg.getwakeup.com/ Frame E639
2 KB
1 KB
XHR
General
Full URL
https://ewtakg.getwakeup.com/visitor.ashx?siteId=60001528&visitorGuid=ffaccece-2af2-4d71-8b4f-665bbeea2658
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
4ca0f69b029042ec4804cb33f33cf7aaf2bf740b54d78fa2262261a94af20386

Request headers

Referer
https://jeuske.qncehjbgk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 14 Apr 2023 16:28:15 GMT
content-encoding
gzip
arr
arr1
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
content-type
text/json; charset=utf-8
access-control-allow-origin
https://jeuske.qncehjbgk.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
782
p2pchat.1f27b3e5c5afc9b913cff267463334fa.js
jeuske.qncehjbgk.com/visitorside/js/ Frame BE15
28 KB
11 KB
Script
General
Full URL
https://jeuske.qncehjbgk.com/visitorside/js/p2pchat.1f27b3e5c5afc9b913cff267463334fa.js
Requested by
Host: jeuske.qncehjbgk.com
URL: https://jeuske.qncehjbgk.com/visitorside/js/bundle.7154d1cdf8f14de7df0ca3739aaa264b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.26.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1385b7f5c44ce1d7.awsglobalaccelerator.com
Software
nginx/1.22.1 /
Resource Hash
6247a38f5af41744363bb8122fb983b21ff19f0f486908fb5d93a59fa3f472cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/chatwindow.aspx?siteId=60001528&planId=bcfa7f82-ede6-4857-941f-3b9c153941c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:15 GMT
content-encoding
br
last-modified
Thu, 06 Apr 2023 02:57:02 GMT
server
nginx/1.22.1
etag
W/"642e34fe-7137"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
background3.png
ewtakg.getwakeup.com/images/
20 KB
21 KB
Image
General
Full URL
https://ewtakg.getwakeup.com/images/background3.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
6684c77e6fea57fc538b5a459ccbc92f95733ddf0497b7348c604e6ef1aa65f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:15 GMT
arr
arr1
last-modified
Wed, 31 Mar 2021 06:02:52 GMT
server
Microsoft-IIS/10.0
etag
"0ce187cf325d71:0"
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=864000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
20712
sourcesanspro-regular.woff
jeuske.qncehjbgk.com/visitorside/fonts/
0
0

DBImage.ashx
ewtakg.getwakeup.com/DBResource/
12 KB
12 KB
Image
General
Full URL
https://ewtakg.getwakeup.com/DBResource/DBImage.ashx?campaignId=bcfa7f82-ede6-4857-941f-3b9c153941c7&imgType=1&ver=1F3B65F3&siteId=60001528
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.215.239 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ARR/3.0, ASP.NET
Resource Hash
0329f8478b7a41f0828cdf1145d95f40ae20f82e77ef22a1245c70cfdba7fb2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://jeuske.qncehjbgk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 16:28:15 GMT
arr
arr1
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET, ARR/3.0, ASP.NET
arrserver
node5chatserver
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
content-length
11809
sourcesanspro-semibold.woff
jeuske.qncehjbgk.com/visitorside/fonts/
0
0

visitor.ashx
ewtakg.getwakeup.com/ Frame E639
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jeuske.qncehjbgk.com
URL
https://jeuske.qncehjbgk.com/visitorside/fonts/sourcesanspro-regular.woff
Domain
jeuske.qncehjbgk.com
URL
https://jeuske.qncehjbgk.com/visitorside/fonts/sourcesanspro-semibold.woff
Domain
ewtakg.getwakeup.com
URL
https://ewtakg.getwakeup.com/visitor.ashx?siteId=60001528&visitorGuid=ffaccece-2af2-4d71-8b4f-665bbeea2658

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| OnlineHelpAPI
  • string| brandingNameLowerCase
  • string| brandingName
  • string| webrtc_log
  • function| P2PChat

0 Cookies