dk.gainonlinediscount.com
Open in
urlscan Pro
2606:4700:30::681c:ca
Public Scan
Effective URL: https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&fi...
Submission: On December 30 via manual from DK
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 17th 2019. Valid for: 10 months.
This is the only time dk.gainonlinediscount.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.50.225.188 52.50.225.188 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 35.241.7.124 35.241.7.124 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
10 | 2606:4700:30:... 2606:4700:30::681c:ca | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2606:4700::68... 2606:4700::6812:e134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
2 | 2606:4700:30:... 2606:4700:30::681b:b27f | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
16 | 6 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-225-188.eu-west-1.compute.amazonaws.com
poweroffr.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 124.7.241.35.bc.googleusercontent.com
trk.traffikflow.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dk.gainonlinediscount.com |
ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
api.mdsyzz.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
gainonlinediscount.com
dk.gainonlinediscount.com |
38 KB |
2 |
mdsyzz.com
api.mdsyzz.com |
1 KB |
1 |
facebook.net
connect.facebook.net |
30 KB |
1 |
onesignal.com
cdn.onesignal.com |
3 KB |
1 |
googleapis.com
ajax.googleapis.com |
29 KB |
1 |
traffikflow.com
trk.traffikflow.com |
803 B |
1 |
poweroffr.com
1 redirects
poweroffr.com |
760 B |
16 | 7 |
Domain | Requested by | |
---|---|---|
10 | dk.gainonlinediscount.com |
trk.traffikflow.com
dk.gainonlinediscount.com |
2 | api.mdsyzz.com |
dk.gainonlinediscount.com
api.mdsyzz.com |
1 | connect.facebook.net |
dk.gainonlinediscount.com
|
1 | cdn.onesignal.com |
dk.gainonlinediscount.com
|
1 | ajax.googleapis.com |
dk.gainonlinediscount.com
|
1 | trk.traffikflow.com | |
1 | poweroffr.com | 1 redirects |
16 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
trk.antrk10.tech Let's Encrypt Authority X3 |
2019-12-24 - 2020-03-23 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-17 - 2020-10-09 |
10 months | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-10-11 - 2020-04-18 |
6 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email=
Frame ID: 3966884037164B36604CAFD224A3C479
Requests: 16 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5
HTTP 302
https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706 Page URL
- https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d9... Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Google Cloud (CDN) Expand
Detected patterns
- headers via /^1\.1 google$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5
HTTP 302
https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706 Page URL
- https://dk.gainonlinediscount.com/?br=acf258c&transaction_id=5e09e7a0fc7be60446c33333&info1=5db81c7ab6920d37d978a003&info2=5706&firstname=&lastname=&address=&postcode=&city=&telephone=&email= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://poweroffr.com/?a=5706&c=25052&s1=&s2=direct&ckmguid=5a3d8a67-4afc-47d1-902f-f07a2f3d32d5 HTTP 302
- https://trk.traffikflow.com/5dfcb2f6b6920d7f873fca68?p1=24212-460866602&source=5706
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
5dfcb2f6b6920d7f873fca68
trk.traffikflow.com/ Redirect Chain
|
604 B 803 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
dk.gainonlinediscount.com/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
luz_blank_ns.css
dk.gainonlinediscount.com/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
auto-push.min.js
api.mdsyzz.com/ |
1 KB 934 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-005-green.png
dk.gainonlinediscount.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-006.png
dk.gainonlinediscount.com/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-007.png
dk.gainonlinediscount.com/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico-lock-001.png
dk.gainonlinediscount.com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-secure-001.png
dk.gainonlinediscount.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-secure-002.png
dk.gainonlinediscount.com/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-secure-003.png
dk.gainonlinediscount.com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cards.png
dk.gainonlinediscount.com/images/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
36484b16-6271-44dc-94ef-ef9060a3a7f0
api.mdsyzz.com/rest/v1/p-apps/get-id/ |
36 B 438 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| fbq function| _fbq object| OneSignal function| InitializePush function| httpGetAsync function| getUrlVars function| getUrlParam4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dk.gainonlinediscount.com/ | Name: psid Value: 5706 |
|
dk.gainonlinediscount.com/ | Name: pid Value: 5db81c7ab6920d37d978a003 |
|
dk.gainonlinediscount.com/ | Name: tid Value: 5e09e7a0fc7be60446c33333 |
|
.gainonlinediscount.com/ | Name: __cfduid Value: dcdddf7e17b41e8ed6c0ed22db30a2f461577707424 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
api.mdsyzz.com
cdn.onesignal.com
connect.facebook.net
dk.gainonlinediscount.com
poweroffr.com
trk.traffikflow.com
2606:4700:30::681b:b27f
2606:4700:30::681c:ca
2606:4700::6812:e134
2a00:1450:4001:808::200a
2a03:2880:f01c:216:face:b00c:0:3
35.241.7.124
52.50.225.188
16e91cc325f0748b0b5b53cf66ff0297421861b8bfaf61f2babe63dfa726d474
18a4e2e7726e17e8dc58d6d8ba96b49fc2d75059d062603418fbb75d26a89c78
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
32ae6f8bf2095b42f39b4714115865a453617428736198c1de0bb52560c5e9cb
347b3b4db0a6d5f693bf6a50c3d9fb5308f20309a621c506ccc3a3663c73af9f
57680f0e91bb6634a16cf3122a0de33e75ac21eb2582417a2a7d5e83bc542139
6474f5a67ada40f796c70e05d822bfafd34459163ecbcf23c60078c67e1c935f
71281cc06f09c72fc2eebddf474d8df2e5d93cf5d166e5c356931d5f38902d34
8283001fa2b1e4648d502d67249b0f7f5acf4ed235c7015f431fad02a5bebf7d
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a57928af2b1bd47b7eb48b6767eda88d3bc86a2bfc3039a6552d0e1f07081630
a657b1e7190b012fad7a49540881b78a03fa8ed5a1b818ceca18ec77b5c6f419
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed
b0e939227323fc87b6ed375b01df1475b3ccfb38e171d62e747f3bf0f03d439d
c59929931be8943b71586f06dd32e83f3b13726fc92d6ef6c44a97299a2686af
d875200ea2a2e82aed31acbaea33d98a62f4e185b80dc8c3f8318a36eb30df71