promotioncenter-24.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sheshlin.com/rd/c55160SqsCd12568715FVnl385LHm6634123Apat2372
Effective URL:
https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/?oid=6&affid=347&_ef_transaction_i...
Submission: On April 21 via api (April 21st 2023, 8:45:06 pm UTC) from BE — Scanned from DE

Summary HTTP 52 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 52 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is promotioncenter-24.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2022. Valid for: a year.

This is the only time promotioncenter-24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	46.17.248.124 46.17.248.124	29470 (RETNNET-AS) (RETNNET-AS)
1 1	23.229.68.104 23.229.68.104	55286 (SERVER-MANIA) (SERVER-MANIA)
2 2	192.186.135.128 192.186.135.128	55286 (SERVER-MANIA) (SERVER-MANIA)
1 1	34.95.122.223 34.95.122.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	35.227.239.203 35.227.239.203	15169 (GOOGLE) (GOOGLE)
33	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:372a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
52	9

2 46.17.248.124 (Kazan’, Russian Federation) 1 redirects

ASN29470 (RETNNET-AS, RU)

sheshlin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.229.68.104 (Buffalo, United States) 1 redirects

ASN55286 (SERVER-MANIA, CA)
PTR: final-if.oriongross.com

www.catophelm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.186.135.128 (Buffalo, United States) 2 redirects

ASN55286 (SERVER-MANIA, CA)
PTR: mta128.quick-buzzer.eu

aazo3.hitchyouroffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aazo3.readytied.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.122.223 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.122.95.34.bc.googleusercontent.com

www.trh12trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.239.203 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 203.239.227.35.bc.googleusercontent.com

www.a54rotrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

promotioncenter-24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:372a (United States)

ASN13335 (CLOUDFLARENET, US)

de.besteantrag24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	promotioncenter-24.com promotioncenter-24.com	538 KB
10	gstatic.com fonts.gstatic.com	281 KB
4	a54rotrk.com 1 redirects www.a54rotrk.com	19 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344 www.cloudflare.com — Cisco Umbrella Rank: 4985	83 KB
2	sheshlin.com 1 redirects sheshlin.com	641 B
1	besteantrag24.com de.besteantrag24.com	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
1	trh12trk.com 1 redirects www.trh12trk.com	479 B
1	readytied.com 1 redirects aazo3.readytied.com	828 B
1	hitchyouroffers.com 1 redirects aazo3.hitchyouroffers.com	815 B
1	catophelm.com 1 redirects www.catophelm.com	337 B
52	11

	Domain	Requested by
33	promotioncenter-24.com	sheshlin.com promotioncenter-24.com
10	fonts.gstatic.com	fonts.googleapis.com
4	www.a54rotrk.com	1 redirects promotioncenter-24.com www.a54rotrk.com
2	cdnjs.cloudflare.com	promotioncenter-24.com cdnjs.cloudflare.com
2	sheshlin.com	1 redirects
1	www.cloudflare.com	promotioncenter-24.com
1	de.besteantrag24.com	promotioncenter-24.com
1	fonts.googleapis.com	promotioncenter-24.com
1	www.trh12trk.com	1 redirects
1	aazo3.readytied.com	1 redirects
1	aazo3.hitchyouroffers.com	1 redirects
1	www.catophelm.com	1 redirects
52	12

This site contains links to these domains. Also see Links.

Domain
justgetyour.money

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-30` - `2023-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
a54rotrk.com Starfield Secure Certificate Authority - G2	`2022-12-03` - `2024-01-04`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-27` - `2023-09-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/?oid=6&affid=347&_ef_transaction_id=ea7ee1c158784a50919237257e2172f3
Frame ID: 264B44F4764898750C4EA31835E0C96A
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slimmestar

Page URL History Show full URLs

http://sheshlin.com/rd/c55160SqsCd12568715FVnl385LHm6634123Apat2372 Page URL
http://sheshlin.com/track/c55160SqsCd12568715FVnl385LHm6634123Apat2372 HTTP 302
https://www.catophelm.com/wDKzRSCNmbCKNStTsaPfJYaUiaGnY8cMMrAi_xL2QZeZ6zYVjEeE2H58DllaVZ9Xpw0Cfo7h3fHG... HTTP 302
https://aazo3.hitchyouroffers.com/?kw=821810&s1=723715221 HTTP 302
https://aazo3.readytied.com/o/DY38FLIA/6111853a-e085-11ed-8700-67a96aa5797e/61195f94-e085-11ed-9f79-a9c0... HTTP 302
https://www.trh12trk.com/59QC8Z/3C89885/?sub1=61d20b02-e085-11ed-ab22-915413991f14&sub2=74651&sub3=73... HTTP 302
https://www.a54rotrk.com/JQ3TTZ/9B9DM/?sub1=3694045dc8664fa7a6507f53c22b2c33&sub=95&sub3=74651&PR_ID=... HTTP 302
https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/?oid=6&affid=3... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

52
Requests

98 %
HTTPS

55 %
IPv6

11
Domains

12
Subdomains

9
IPs

3
Countries

974 kB
Transfer

1188 kB
Size

11
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://justgetyour.money/
Title: Information for affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sheshlin.com/rd/c55160SqsCd12568715FVnl385LHm6634123Apat2372 Page URL
http://sheshlin.com/track/c55160SqsCd12568715FVnl385LHm6634123Apat2372 HTTP 302
https://www.catophelm.com/wDKzRSCNmbCKNStTsaPfJYaUiaGnY8cMMrAi_xL2QZeZ6zYVjEeE2H58DllaVZ9Xpw0Cfo7h3fHGHI80Rqb0zw~~/55/2372-55160/12568715-385-6634123 HTTP 302
https://aazo3.hitchyouroffers.com/?kw=821810&s1=723715221 HTTP 302
https://aazo3.readytied.com/o/DY38FLIA/6111853a-e085-11ed-8700-67a96aa5797e/61195f94-e085-11ed-9f79-a9c0f297c62c HTTP 302
https://www.trh12trk.com/59QC8Z/3C89885/?sub1=61d20b02-e085-11ed-ab22-915413991f14&sub2=74651&sub3=737927f8418&PR_ID=AF-5105& HTTP 302
https://www.a54rotrk.com/JQ3TTZ/9B9DM/?sub1=3694045dc8664fa7a6507f53c22b2c33&sub=95&sub3=74651&PR_ID=AF-5105 HTTP 302
https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/?oid=6&affid=347&_ef_transaction_id=ea7ee1c158784a50919237257e2172f3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c55160SqsCd12568715FVnl385LHm6634123Apat2372
sheshlin.com/rd/ 243 B
360 B 128ms
55ms Document
text/html 46.17.248.124
RETNNET-AS

General

Domain/Path	Expires	Name / Value
.catophelm.com/	1969-12-31 23:59:59	Name: uid10862 Value: 723715221-20230421164454-39bba8cfa996c1dbaa93ea0ea7f139f8-
aazo3.hitchyouroffers.com/	1970-01-20 11:15:17	Name: yredir_session Value: eyJpdiI6IjJYcEkzYmo0ZlNQQWhkZW1MQXcxTUE9PSIsInZhbHVlIjoiSUtXQmhldlRBNkNYUm1TTUhaNTJmOEZiSUI5eDJKdVpmYWI3L056aG9PNmpsMFd4bUp3OFc4TkFhcHo1NFpnSXMvOHVPd0lhQVlLS0YwRXlvVkE3K2JoNU1BeGdVK1lTb3BVbFAwY24zVTJ0cFlKU1dDcHc4Yk5zN1Y2ZmNEeTAiLCJtYWMiOiI4NzM1MmMwOTUyZjc5ZTVhMWIwMzA1ODI5YzIwYjY5MjI4OGY3YWUxZjQ1MzQ0Y2Q2N2M4NTMxZWQxMmRhOGNjIiwidGFnIjoiIn0%3D
aazo3.readytied.com/	1970-01-20 11:15:17	Name: yredir_session Value: eyJpdiI6Im9Kb2VjeS9WVHpSdmR2Y2Y5S1RhQWc9PSIsInZhbHVlIjoiYXJzcHdUNnMwSGQ5WnRBcC9pRTRYaklnVkxvTWJsU0xZVUtUL2NPQzFPNlcwWUhtYW1sbHdmTnRqNW1jOXoyelBuSG5yVmZRMU0zcEFMVmJoUU9UQXpucG1oYVNLN2tzb0F3MHQ5akVoSlNtTnVEUVRSSmJmVEF6bEVUM0RCRmEiLCJtYWMiOiI1NzljOTI2YmM1NzI5ZWViZjQ4YWJlNzIzODQwZjU3YWY5MWFmMzAxNzcxZDIyYzZkNjlhZmJkNjFlOGNhNTdmIiwidGFnIjoiIn0%3D
www.trh12trk.com/	1970-01-20 11:16:36	Name: uniqueClick_3C89885 Value: 3cba34a4-55bc-49e2-a0ea-02547958cf18:1682109899
www.trh12trk.com/	1970-01-20 13:24:45	Name: transaction_id Value: 3694045dc8664fa7a6507f53c22b2c33
www.a54rotrk.com/	1970-01-20 13:24:45	Name: uniqueClick_9B9DM Value: 0f292245-2262-4e6a-a18f-f00acf3f615f:1682109900
www.a54rotrk.com/	1970-01-20 13:24:45	Name: transaction_id Value: ea7ee1c158784a50919237257e2172f3
www.a54rotrk.com/	1970-01-20 13:24:45	Name: uniqueClick Value: 07f85284-17ec-4e6e-8583-962688f8c3b8:1682109901
promotioncenter-24.com/	1970-01-20 11:58:21	Name: ef_witness Value: 1
promotioncenter-24.com/	1970-01-20 11:58:21	Name: ef_tid_c_o_6 Value: ea7ee1c158784a50919237257e2172f3
promotioncenter-24.com/	1970-01-20 11:58:21	Name: ef_tid_c_a_3 Value: ea7ee1c158784a50919237257e2172f3

Source	Level	URL Text
network	error	URL: https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/img/top_icon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/img/mail.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://promotioncenter-24.com/promotion/weightloss_de/nehmen-sie-am-tag-und-uber-nacht-ab-a/img/phone.svg Message: Failed to load resource: the server responded with a status of 404 ()

promotioncenter-24.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

55 %IPv6

11 Domains

12 Subdomains

9 IPs

3 Countries

974 kBTransfer

1188 kBSize

11 Cookies

1 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

promotioncenter-24.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

55 %
IPv6

11
Domains

12
Subdomains

9
IPs

3
Countries

974 kB
Transfer

1188 kB
Size

11
Cookies

52 HTTP transactions
1 data transactions