ideen.geschenk-tipp.net Open in urlscan Pro
62.27.38.101 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ideen.geschenk-tipp.net/c/mv?EMID=08A065T01E6AS0EC5BU00VFUD5S&TYPE=HTML
Effective URL:
http://ideen.geschenk-tipp.net/c/mv
Submission: On April 25 via api (April 25th 2022, 4:08:28 am UTC) from DE — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 11 HTTP transactions. The main IP is 62.27.38.101, located in Germany and belongs to ECOTEL, DE. The main domain is ideen.geschenk-tipp.net.

This is the only time ideen.geschenk-tipp.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	62.27.38.101 62.27.38.101	12312 (ECOTEL) (ECOTEL)
1	52.218.28.34 52.218.28.34	16509 (AMAZON-02) (AMAZON-02)
1	94.31.29.128 94.31.29.128	6461 (ZAYO-6461) (ZAYO-6461)
1	35.156.148.82 35.156.148.82	16509 (AMAZON-02) (AMAZON-02)
1	87.118.126.55 87.118.126.55	31103 (KEYWEB-AS) (KEYWEB-AS)
11	6

3 62.27.38.101 (Germany)

ASN12312 (ECOTEL, DE)
PTR: fagms.net

ideen.geschenk-tipp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.28.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com

llcrm.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.128 (London, United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.128.IPYX-077437-ZYO.above.net

lottoland-lottoland.bannerflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.148.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-148-82.eu-central-1.compute.amazonaws.com

www.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.126.55 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: gepard.diebeiden.at

www.p2tl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	geschenk-tipp.net ideen.geschenk-tipp.net	28 KB
1	p2tl.com www.p2tl.com	240 B
1	trustedshops.com www.trustedshops.com — Cisco Umbrella Rank: 99177	10 KB
1	bannerflow.com lottoland-lottoland.bannerflow.com — Cisco Umbrella Rank: 326926	146 KB
1	amazonaws.com llcrm.s3.amazonaws.com	9 KB
11	5

	Domain	Requested by
3	ideen.geschenk-tipp.net	ideen.geschenk-tipp.net
1	www.p2tl.com	ideen.geschenk-tipp.net
1	www.trustedshops.com	ideen.geschenk-tipp.net
1	lottoland-lottoland.bannerflow.com	ideen.geschenk-tipp.net
1	llcrm.s3.amazonaws.com	ideen.geschenk-tipp.net
11	5

This site contains no links.

Subject Issuer	Validity	Valid
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.bannerflow.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-26` - `2023-01-24`	a year	crt.sh
*.trustedshops.com Amazon	`2021-11-28` - `2022-12-26`	a year	crt.sh
p2tl.com R3	`2022-04-22` - `2022-07-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://ideen.geschenk-tipp.net/c/mv
Frame ID: F01965F42BDE08C1ACE2D17F808D83FF
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Endlich wieder super Aussichten!

Page URL History Show full URLs

http://ideen.geschenk-tipp.net/c/mv?EMID=08A065T01E6AS0EC5BU00VFUD5S&TYPE=HTML Page URL
http://ideen.geschenk-tipp.net/c/mv Page URL

Page Statistics

11
Requests

36 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

193 kB
Transfer

191 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ideen.geschenk-tipp.net/c/mv?EMID=08A065T01E6AS0EC5BU00VFUD5S&TYPE=HTML Page URL
http://ideen.geschenk-tipp.net/c/mv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	mv Show response ideen.geschenk-tipp.net/c/	345 B 574 B	153ms 23ms	Document text/html	62.27.38.101 ECOTEL
General Check archive.org Show headers Download Go to Full URL http://ideen.geschenk-tipp.net/c/mv?EMID=08A065T01E6AS0EC5BU00VFUD5S&TYPE=HTML Protocol HTTP/1.1 Server 62.27.38.101 , Germany, ASN12312 (ECOTEL, DE), Reverse DNS fagms.net Software Apache / Resource Hash `86a2fa90029cc41d4e642acce3f9b070208528eb3e137ef7aa85521686f965e8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Type text/html; charset=iso-8859-1 Date Mon, 25 Apr 2022 04:08:23 GMT Server Apache Transfer-Encoding chunked
POST H/1.1	200 OK	Primary Request mv Show response ideen.geschenk-tipp.net/c/	27 KB 27 KB	122ms 115ms	Document text/html	62.27.38.101 ECOTEL
General Check archive.org Show headers Download Go to Full URL http://ideen.geschenk-tipp.net/c/mv Protocol HTTP/1.1 Server 62.27.38.101 , Germany, ASN12312 (ECOTEL, DE), Reverse DNS fagms.net Software Apache / Resource Hash `53e94d7257c5be15ba9fe1eb9bd7dbf6882c5adc05c8274837a30fd3e0843bd6` Request headers Content-Type application/x-www-form-urlencoded Origin http://ideen.geschenk-tipp.net Referer http://ideen.geschenk-tipp.net/c/mv?EMID=08A065T01E6AS0EC5BU00VFUD5S&TYPE=HTML Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Type text/html;charset=UTF-8 Date Mon, 25 Apr 2022 04:08:23 GMT Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	ll_logo_2x.png llcrm.s3.amazonaws.com/html/Thanos/	8 KB 9 KB	146ms 44ms	Image image/png	52.218.28.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://llcrm.s3.amazonaws.com/html/Thanos/ll_logo_2x.png Requested by Host: ideen.geschenk-tipp.net URL: http://ideen.geschenk-tipp.net/c/mv Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.28.34 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-3-w.amazonaws.com Software AmazonS3 / Resource Hash `129cbf8d5af7d6e1a2243bb1b16b2fdeaf272c9dd6409a8f552ed285d5c87de7` Request headers accept-language de-DE,de;q=0.9 Referer http://ideen.geschenk-tipp.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Date Mon, 25 Apr 2022 04:08:25 GMT Last-Modified Fri, 20 Mar 2020 15:18:15 GMT Server AmazonS3 x-amz-request-id 02SPAPPGDVX6DV5A ETag "8ce01c1d4633740ae52d96833694b17a" Content-Type image/png Accept-Ranges bytes Content-Length 8509 x-amz-id-2 Gj3MBBXmyJhHey+skFskpdAUCdElCcl5viFfwIr/7ZIyc6b6qFNeJj8e4z8WxHRIAR+u2J2B9gI=
GET H2	200	5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg lottoland-lottoland.bannerflow.com/bf-images/	146 KB 146 KB	154ms 12ms	Image image/jpeg	94.31.29.128 ZAYO-6461
General Check archive.org Show headers Download Go to Show image Full URL https://lottoland-lottoland.bannerflow.com/bf-images/5eb93b435f987b4250be3183.OqqXGCOq95H1.jpg Requested by Host: ideen.geschenk-tipp.net URL: http://ideen.geschenk-tipp.net/c/mv Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 94.31.29.128 London, United Kingdom, ASN6461 (ZAYO-6461, US), Reverse DNS 94.31.29.128.IPYX-077437-ZYO.above.net Software NetDNA-cache/2.2 / Resource Hash `ea96c30b95286ba729e96d2920515c28289722041ef66bfb786b69f12057bbf3` Request headers accept-language de-DE,de;q=0.9 Referer http://ideen.geschenk-tipp.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 25 Apr 2022 04:08:24 GMT content-md5 SYxyrsmsmEDeY2jItmLXdg== x-cache HIT content-length 149159 x-ms-lease-state available x-ms-lease-status unlocked last-modified Sat, 23 Apr 2022 17:43:12 GMT server NetDNA-cache/2.2 etag "0x8DA2550BD2545A3" content-type image/jpeg access-control-allow-origin * x-ms-request-id f0b1b8e9-e01e-0009-6058-5857d1000000 cache-control public, max-age=900 x-ms-version 2014-02-14 accept-ranges bytes
GET H2	200	X6DA5B2DCED3217D31688A89110B23EBF.gif www.trustedshops.com/bewertung/widget/widgets/	10 KB 10 KB	37ms 9ms	Image image/gif	35.156.148.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.trustedshops.com/bewertung/widget/widgets/X6DA5B2DCED3217D31688A89110B23EBF.gif Requested by Host: ideen.geschenk-tipp.net URL: http://ideen.geschenk-tipp.net/c/mv Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.156.148.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-156-148-82.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash `b7269baa8775d03849571e21d9402b157f076ff24551ca6403e5596e2d057e5b` Request headers accept-language de-DE,de;q=0.9 Referer http://ideen.geschenk-tipp.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers date Mon, 25 Apr 2022 04:08:23 GMT last-modified Sun, 24 Apr 2022 04:54:42 GMT server Apache content-type image/gif cache-control max-age=9978 accept-ranges bytes content-length 10516 expires Mon, 25 Apr 2022 06:54:42 GMT
GET H2	200	fonspVqGP2TV.gif www.p2tl.com/	43 B 240 B	117ms 46ms	Image image/gif	87.118.126.55 KEYWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.p2tl.com/fonspVqGP2TV.gif Requested by Host: ideen.geschenk-tipp.net URL: http://ideen.geschenk-tipp.net/c/mv Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.118.126.55 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS gepard.diebeiden.at Software nginx / PleskLin Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers accept-language de-DE,de;q=0.9 Referer http://ideen.geschenk-tipp.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers pragma no-cache date Mon, 25 Apr 2022 04:08:24 GMT cache-control no-store server nginx content-type image/gif x-powered-by PleskLin expires Fri, 15 Apr 2022 04:08:24 GMT
GET H/1.1	200 OK	redirector ideen.geschenk-tipp.net/cgi-bin/	43 B 279 B	18ms 11ms	Image image/gif	62.27.38.101 ECOTEL
General Check archive.org Show headers Download Go to Show image Full URL http://ideen.geschenk-tipp.net/cgi-bin/redirector?EMID=08A065T01E6AS0EC5BU00VFUD5S&ACTION=h Requested by Host: ideen.geschenk-tipp.net URL: http://ideen.geschenk-tipp.net/c/mv Protocol HTTP/1.1 Server 62.27.38.101 , Germany, ASN12312 (ECOTEL, DE), Reverse DNS fagms.net Software Apache / Resource Hash `834fa0a764d2fbf8d1bdc9095fc3f93d708bda023b4225fab907f25f51939a54` Request headers accept-language de-DE,de;q=0.9 Referer http://ideen.geschenk-tipp.net/c/mv User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Response headers Date Mon, 25 Apr 2022 04:08:23 GMT Last-Modified Tue, 18 Apr 2017 14:40:22 GMT Server Apache ETag "a10ce-2b-54d71e338096a" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 43
GET		daxlineRegular.woff llcrm.s3.amazonaws.com/email-webfonts/	0 0

GET		daxlineBold.woff llcrm.s3.amazonaws.com/email-webfonts/	0 0

GET		daxlineRegular.ttf llcrm.s3.amazonaws.com/email-webfonts/	0 0

GET		daxlineBold.ttf llcrm.s3.amazonaws.com/email-webfonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: llcrm.s3.amazonaws.com
URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.woff

Domain: llcrm.s3.amazonaws.com
URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.woff

Domain: llcrm.s3.amazonaws.com
URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.ttf

Domain: llcrm.s3.amazonaws.com
URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.ttf

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://ideen.geschenk-tipp.net/c/mv Message: Access to font at 'https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.woff' from origin 'http://ideen.geschenk-tipp.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://ideen.geschenk-tipp.net/c/mv Message: Access to font at 'https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.woff' from origin 'http://ideen.geschenk-tipp.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://ideen.geschenk-tipp.net/c/mv Message: Access to font at 'https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.ttf' from origin 'http://ideen.geschenk-tipp.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineRegular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://ideen.geschenk-tipp.net/c/mv Message: Access to font at 'https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.ttf' from origin 'http://ideen.geschenk-tipp.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://llcrm.s3.amazonaws.com/email-webfonts/daxlineBold.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ideen.geschenk-tipp.net
llcrm.s3.amazonaws.com
lottoland-lottoland.bannerflow.com
www.p2tl.com
www.trustedshops.com
llcrm.s3.amazonaws.com
35.156.148.82
52.218.28.34
62.27.38.101
87.118.126.55
94.31.29.128
129cbf8d5af7d6e1a2243bb1b16b2fdeaf272c9dd6409a8f552ed285d5c87de7
53e94d7257c5be15ba9fe1eb9bd7dbf6882c5adc05c8274837a30fd3e0843bd6
834fa0a764d2fbf8d1bdc9095fc3f93d708bda023b4225fab907f25f51939a54
86a2fa90029cc41d4e642acce3f9b070208528eb3e137ef7aa85521686f965e8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b7269baa8775d03849571e21d9402b157f076ff24551ca6403e5596e2d057e5b
ea96c30b95286ba729e96d2920515c28289722041ef66bfb786b69f12057bbf3

ideen.geschenk-tipp.net Open in urlscan Pro 62.27.38.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

36 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

193 kBTransfer

191 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

8 Console Messages

Indicators

ideen.geschenk-tipp.net Open in urlscan Pro
62.27.38.101 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

36 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

193 kB
Transfer

191 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions