Submitted URL: https://kun.cbvspea.com/cl/2e5b8cfd583e81da?p1=121763306&p2=5870576&source=propellerads&site=1830040
Effective URL: https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
Submission: On August 03 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 4 HTTP transactions. The main IP is 3.74.210.187, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is hnko.cuoo.eu.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 12th 2023. Valid for: a year.
This is the only time hnko.cuoo.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 3.9.239.39 16509 (AMAZON-02)
3 3.74.210.187 16509 (AMAZON-02)
4 2
Apex Domain / Subdomains / Transfer
3  cuoo.eu / hnko.cuoo.eu / 19 KB
2  heathyday.com / www.heathyday.com / 606 B
1  cbvspea.com / kun.cbvspea.com / 1 KB
0  berrylook.com (Failed) / www.berrylook.com (Failed)
4 4
Domain Requested by
3 hnko.cuoo.eu hnko.cuoo.eu
2 www.heathyday.com 2 redirects
1 kun.cbvspea.com 1 redirects
0 www.berrylook.com Failed hnko.cuoo.eu
4 4

This site contains no links.

Subject: cuoo.eu
Issuer: Amazon RSA 2048 M02
Validity: 2023-11-12 - 2024-12-11
Valid: a year

This page contains 1 frames:

Frame: https://www.berrylook.com/?utm_source=affiliates&utm_medium=tradetracker&utm_campaign=311549&utm_content=12
Frame ID: A6385298D70188DAB76ACB5BC94643CB
Requests: 4 HTTP requests in this frame

Page Title

...

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 33 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 4
Transfer: 19 kB
Size: 50 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kun.cbvspea.com/cl/2e5b8cfd583e81da?p1=121763306&p2=5870576&source=propellerads&site=1830040 HTTP 302
    https://www.heathyday.com/click.php?c=28&key=ooiv6q9iet342q6hcbh56k8h&reason_tb=16384&source=propellerads&site=1830040&campaign_id=549238&type=lottery HTTP 302
    https://www.heathyday.com/click.php?c=32&key=5y0go7n5aedof1614e7721mv&type=lottery HTTP 302
    https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://tc.tradetracker.net/?a=311549&c=29324&m=12&r=0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4 HTTP 301
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=177522&cid=29324&data=12%3A%3A311549%3A%3A0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4%3A%3A%3A%3A1722676526&url=https%3A%2F%2Fwww.berrylook.com%2F%3Futm_source%3Daffiliates%26utm_medium%3Dtradetracker%26utm_campaign%3D311549%26utm_content%3D12 HTTP 301
  • https://www.berrylook.com/?utm_source=affiliates&utm_medium=tradetracker&utm_campaign=311549&utm_content=12

4 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Resource: / (Primary Request)
Path: hnko.cuoo.eu/
Redirect Chain
  • https://kun.cbvspea.com/cl/2e5b8cfd583e81da?p1=121763306&p2=5870576&source=propellerads&site=1830040
  • https://www.heathyday.com/click.php?c=28&key=ooiv6q9iet342q6hcbh56k8h&reason_tb=16384&source=propellerads&site=1830040&campaign_id=549238&type=lottery
  • https://www.heathyday.com/click.php?c=32&key=5y0go7n5aedof1614e7721mv&type=lottery
  • https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
Size: 606 B
x-fer: 1 KB
Type: Document

General
Full URL: https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.210.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-74-210-187.eu-central-1.compute.amazonaws.com
Software: Cowboy
Resource Hash: af4e03f13163987d7430b96b86d59539b6a029d9f1dee582135fa259d96cff74

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 606
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Sat, 03 Aug 2024 09:15:25 GMT
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: F-gtLCQP7C8kbFQBzAZR
x-xss-protection: 1; mode=block

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 03 Aug 2024 09:15:24 GMT
location: https://hnko.cuoo.eu?clickid=122343026&source=%5Bsource%5D
server: nginx
x-powered-by: PHP/5.6.40

Resource: app-642ae931240e0db1527587cdf74aca7e.js
Path: hnko.cuoo.eu/js/
Size: 49 KB
x-fer: 18 KB
Type: Script

General
Full URL: https://hnko.cuoo.eu/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Requested by
  Host: hnko.cuoo.eu
  URL: https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.210.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-74-210-187.eu-central-1.compute.amazonaws.com
Software: Cowboy
Resource Hash: 44eb1c43dbd5953c5d3aea031d0470770cc422a7ec6bd6b444891ecb9d728835

Request headers

Referer: https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 03 Aug 2024 09:15:25 GMT
content-encoding: gzip
server: Cowboy
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17813

Resource: data
Path: hnko.cuoo.eu/post/
Size: 0
x-fer: 237 B
Type: XHR

General
Full URL: https://hnko.cuoo.eu/post/data
Requested by
  Host: hnko.cuoo.eu
  URL: https://hnko.cuoo.eu/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.210.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-74-210-187.eu-central-1.compute.amazonaws.com
Software: Cowboy
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

Referer: https://hnko.cuoo.eu/?clickid=122343026&source=%5Bsource%5D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 03 Aug 2024 09:15:25 GMT
x-content-type-options: nosniff
server: Cowboy
x-permitted-cross-domain-policies: none
cross-origin-window-policy: deny
x-download-options: noopen
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: F-gtLFNm_i04KwcBzAax

Resource: /
Path: www.berrylook.com/
Redirect Chain
  • https://tc.tradetracker.net/?a=311549&c=29324&m=12&r=0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4
  • https://sc.tradetracker.net/tracker/merchant?e=clk&cstid=177522&cid=29324&data=12%3A%3A311549%3A%3A0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4%3A%3A%3A%3A1722676526&url=https%3A%2F%2Fwww.berrylook.com...
  • https://www.berrylook.com/?utm_source=affiliates&utm_medium=tradetracker&utm_campaign=311549&utm_content=12
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.berrylook.com
URL
https://www.berrylook.com/?utm_source=affiliates&utm_medium=tradetracker&utm_campaign=311549&utm_content=12

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | ClientJS
string | s

10 Cookies

Domain/Path Name / Value
kun.cbvspea.com/ Name: sbc2e5b8cfd583e81da
kun.cbvspea.com/ Name: vis
.www.heathyday.com/ Name: IMT1722676524911
.www.heathyday.com/ Name: IMT1722676524966
hnko.cuoo.eu/ Name: client_uid
Value: a2c7e13a-946e-4d99-8376-155668fa9554
hnko.cuoo.eu/ Name: sub_id
Value: 219543
hnko.cuoo.eu/ Name: visit
Value: 0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4
.tradetracker.net/ Name: uf
.tradetracker.net/ Name: __tdat29324
.tradetracker.net/ Name: TTcst_177522
Value: 12%3A%3A311549%3A%3A0002f10b13bb-71d0-4eb7-a6f5-5d6c3a76abf4%3A%3A%3A%3A1722676526%3A%3A29324

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block