Submitted URL: https://newsletter.eurowings.com/?d=https://m.exactag.com/cl.aspx?extProvApi=b2c&extProvID=99&extPu=ew-email&extLi=promo_14-2023_...
Effective URL: https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
Submission: On April 08 via api from BE — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 3 domains to perform 1 HTTP transaction. The main IP is 147.78.241.254, located in Tokyo, Japan and belongs to XTOM xTom GmbH, DE. The main domain is dragobfouch.za.com.
TLS certificate: Issued by R3 on April 6th 2023. Valid for: 3 months.
This is the only time dragobfouch.za.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 80.146.253.124 3320 (DTAG Inte...)
1 1 213.202.235.9 24961 (MYLOC-AS ...)
1 147.78.241.254 3214 (XTOM xTom...)
1 1
Apex Domain / Subdomains / Transfer
1 za.com / dragobfouch.za.com / 513 B
1 exactag.com / m.exactag.com — Cisco Umbrella Rank: 15774 / 2 KB
1 eurowings.com / newsletter.eurowings.com / 334 B
1 3
Domain Requested by
1 dragobfouch.za.com
1 m.exactag.com 1 redirects
1 newsletter.eurowings.com 1 redirects
1 3

This site contains no links.

Subject: *.dragobfouch.za.com
Issuer: R3
Validity: 2023-04-06 - 2023-07-05
Valid: 3 months

This page contains 1 frame:

Primary Page: https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
Frame ID: 02EC4539B3857ED195CE5235281E6F14
Requests: 1 HTTP requests in this frame

Page Title

400 Bad Request

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 2
Transfer: 1 kB
Size: 0 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://newsletter.eurowings.com/?d=https://m.exactag.com/cl.aspx?extProvApi=b2c&extProvID=99&extPu=ew-email&extLi=promo_14-2023_de-DE_sixt&url=https://dragobfouch.za.com//big/wishes//yabwfk///%2 HTTP 302
    https://m.exactag.com/cl.aspx?extProvApi=b2c&extProvID=99&extPu=ew-email&extLi=promo_14-2023_de-DE_sixt&url=https://dragobfouch.za.com//big/wishes//yabwfk///%2 HTTP 302
    https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Primary Request
Resource: %2
Path: dragobfouch.za.com//big/wishes//yabwfk///
Redirect Chain
  • https://newsletter.eurowings.com/?d=https://m.exactag.com/cl.aspx?extProvApi=b2c&extProvID=99&extPu=ew-email&extLi=promo_14-2023_de-DE_sixt&url=https://dragobfouch.za.com//big/wishes//yabwfk///%2
  • https://m.exactag.com/cl.aspx?extProvApi=b2c&extProvID=99&extPu=ew-email&extLi=promo_14-2023_de-DE_sixt&url=https://dragobfouch.za.com//big/wishes//yabwfk///%2
  • https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
Size: 347 B
x-fer: 513 B
Type: Document
General
Full URL: https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.241.254 Tokyo, Japan, ASN3214 (XTOM xTom GmbH, DE),
Reverse DNS: 147.78.241.254.static.xtom.com
Software: Apache /
Resource Hash: 62b8c6a861c29fd530a2bd593137ffcee945bacea4502795cde6a921bb1c87ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 347
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 08 Apr 2023 22:28:47 GMT
Server: Apache

Redirect headers

Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Cache-Control: private
Connection: close
Content-Length: 0
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 08 Apr 2023 22:28:47 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sa, 08 Apr 2023 10:28:47 GMT
Location: https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-ET-Camp: 977
X-ET-Code: 0
X-ET-Monitoring: 1
X-Xss-Protection: 0
cross-origin-resource-policy: cross-origin

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

5 Cookies

Domain/Path Name / Value
m.exactag.com/ Name: exactag_new_gk
Value: f3ab7971bc164a8384bd9da755c8a0e1%7c07.06.2023+22%3a28%3a46
m.exactag.com/ Name: exactag_new_uk
Value: 2899632840084a0383db020c632b8916%7c
m.exactag.com/ Name: exactag_new_user
Value: 977%7c1%7c5deb69e9e5a7198c647ecba6d13722a2%7c01.01.0001+00%3a00%3a00%7c01.01.0001+00%3a00%3a00%7c%7c3137850%7c13270%7cFalse
m.exactag.com/ Name: session_session
Value: 07a80e0f11374d8c9052ea5e
m.exactag.com/ Name: exactag_new_cpv
Value: 977%7cb06c28baaf4f1f0e573784b3a110bd6e%7c%7c%7c%7c08.04.2023+22%3a28%3a47%7cFalse%7cFalse

1 Console Messages

Source: network
Level: error
URL: https://dragobfouch.za.com//big/wishes//yabwfk///%2?et_uk=2899632840084a0383db020c632b8916
Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
