www.harzfriends.de Open in urlscan Pro
78.46.155.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.redirectcenter.com/
Effective URL:
https://www.harzfriends.de/myred/108.php?f=c
Submission: On March 27 via api (March 27th 2024, 2:46:39 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 78.46.155.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.harzfriends.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on August 9th 2023. Valid for: a year.

This is the only time www.harzfriends.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	95.130.17.35 95.130.17.35	13246 (INETWIRE-...) (INETWIRE-AS Wilhelm-Wagenfeld-Str. 16)
9	78.46.155.196 78.46.155.196	24940 (HETZNER-AS) (HETZNER-AS)
3	2600:9000:215... 2600:9000:2156:ba00:6:92b8:d800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	167.233.8.197 167.233.8.197	24940 (HETZNER-AS) (HETZNER-AS)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.184.202 142.250.184.202	() ()
21	7

3 95.130.17.35 (Germany) 3 redirects

ASN13246 (INETWIRE-AS Wilhelm-Wagenfeld-Str. 16, DE)

www.redirectcenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkorganizer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 78.46.155.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi3962.your-server.de

www.harzfriends.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sylverlight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ba00:6:92b8:d800:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.trafficclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.8.197 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.8.233.167.clients.your-server.de

track.traffic.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

zixu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	harzfriends.de www.harzfriends.de	2 KB
3	sylverlight.net sylverlight.net	1 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 728	89 KB
3	trafficclub.com static.trafficclub.com	8 KB
2	zixu.de zixu.de	1 KB
2	traffic.club track.traffic.club	411 B
2	redirectcenter.com 2 redirects www.redirectcenter.com	468 B
1	linkorganizer.de 1 redirects www.linkorganizer.de	234 B
21	8

	Domain	Requested by
6	www.harzfriends.de
3	sylverlight.net
3	ajax.googleapis.com	static.trafficclub.com
3	static.trafficclub.com	www.harzfriends.de
2	zixu.de	www.harzfriends.de
2	track.traffic.club	static.trafficclub.com
2	www.redirectcenter.com	2 redirects
1	www.linkorganizer.de	1 redirects
21	8

This site contains no links.

Subject Issuer	Validity	Valid
harzfriends.de Encryption Everywhere DV TLS CA - G2	`2023-08-09` - `2024-08-09`	a year	crt.sh
static.trafficclub.com Amazon RSA 2048 M02	`2023-11-12` - `2024-12-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
track.traffic.club GlobeSSL DV CA	`2023-10-10` - `2024-11-09`	a year	crt.sh
zixu.de GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
sylverlight.net Encryption Everywhere DV TLS CA - G2	`2023-10-14` - `2024-10-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.harzfriends.de/myred/108.php?f=c
Frame ID: 0FD37502B88E7514C69F11289F968477
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.redirectcenter.com/ HTTP 307
https://www.redirectcenter.com/ HTTP 307
http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5yZWRpcmVjdGNlbnRlci5jb20=&hash=d6219a... Page URL
http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5saW5rb3JnYW5pemVyLmRl&hash=f34c7a3186... Page URL
http://www.linkorganizer.de/ HTTP 307
https://www.linkorganizer.de/ HTTP 307
http://www.linkorganizer.de/ HTTP 301
https://www.harzfriends.de/myred/108.php?f=c Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

102 kB
Transfer

278 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.redirectcenter.com/ HTTP 307
https://www.redirectcenter.com/ HTTP 307
http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5yZWRpcmVjdGNlbnRlci5jb20=&hash=d6219aee846862a113cb381c441243cb Page URL
http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5saW5rb3JnYW5pemVyLmRl&hash=f34c7a3186eea31da10d4d9e5dcc2d77 Page URL
http://www.linkorganizer.de/ HTTP 307
https://www.linkorganizer.de/ HTTP 307
http://www.linkorganizer.de/ HTTP 301
https://www.harzfriends.de/myred/108.php?f=c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.redirectcenter.com/ HTTP 307
https://www.redirectcenter.com/ HTTP 307
http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z

Request Chain 8

http://www.redirectcenter.com/ HTTP 301
https://www.harzfriends.de/myred/114.php?f=z

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

114.php Show response
www.harzfriends.de/myred/
Redirect Chain

http://www.redirectcenter.com/
https://www.redirectcenter.com/
http://www.redirectcenter.com/
https://www.harzfriends.de/myred/114.php?f=z

1 KB
797 B

541ms
427ms

Document
text/html

78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/myred/114.php?f=z
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: f389f02b613e450248a75a4e2f539ab066f69e5c65e1fe3749a28202c8820a15

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 667
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:46:34 GMT
expires: Wed, 27 Mar 2024 02:46:34 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Mar 2024 02:46:34 GMT
Location: https://www.harzfriends.de/myred/114.php?f=z
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 rtb.min.js Show response
static.trafficclub.com/ 7 KB
3 KB 130ms
8ms Script
application/javascript 2600:9000:2156:ba00:6:92b8:d800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trafficclub.com/rtb.min.js
Requested by: Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:92b8:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 06:03:19 GMT
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 14:33:40 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
age: 74613
etag: W/"1b66-5ff4596259eb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: XOmy0qbgoZTiRcra3NsRywQdYhbSjCVjXiY4Qzd1s81FLl7aVtVg2Q==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
30 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: static.trafficclub.com
URL: https://static.trafficclub.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:47:09 GMT

GET
H2 200 favicon.ico
www.harzfriends.de/ 0
114 B 5ms
5ms Other
image/vnd.microsoft.icon 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:35 GMT
last-modified: Thu, 23 Jul 2015 08:48:59 GMT
server: Apache
content-type: image/vnd.microsoft.icon
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Wed, 27 Mar 2024 02:46:35 GMT

GET
H2 200 rtb.php
track.traffic.club/ 19 B
206 B 334ms
255ms XHR
text/html 167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.traffic.club/rtb.php?hash=bd8727d0059b01d78e9451c27a9625bc&mid=114&f=114&request=rtb&keyword=farmfinance.de&domain=farmfinance.de

Requested by

Host: static.trafficclub.com
URL: https://static.trafficclub.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:36 GMT
content-encoding: none
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=utf8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 19
x-xss-protection: 1; mode=block

GET
H3 200 /
zixu.de/ 938 B
717 B 215ms
165ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zixu.de/

Requested by

Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=z

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86ac0d0ca9ca5caa-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 02:46:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1H0RX4gBmtJYlISehW%2FpvqOFxjJCyrZXUscjqKu0U9GvJt8IUFxzdSLa%2F7aazmfCL7UbrWSdPHJrz1kDJswn6F2c2VLEQCrSfba3WuEoKM7SdH7kw3h64YO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 /
sylverlight.net/ 841 B
454 B 30ms
6ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5yZWRpcmVjdGNlbnRlci5jb20=&hash=d6219aee846862a113cb381c441243cb
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 290
content-type: text/html;charset=utf-8
date: Wed, 27 Mar 2024 02:46:36 GMT
referrer-policy: no-referrer
server: Apache
vary: Accept-Encoding
x-mod-pagespeed: 1.14.36.1-0

GET favicon.ico
zixu.de/ 0
0

GET
H2

200

114.php Show response
www.harzfriends.de/myred/
Redirect Chain

http://www.redirectcenter.com/
https://www.harzfriends.de/myred/114.php?f=z

1 KB
746 B

442ms
440ms

Document
text/html

78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/myred/114.php?f=z
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 06f74ee3111f617e1f076c30192d2cf195aba2d4ac4150354244cde2e052c018

Request headers

Referer: https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5yZWRpcmVjdGNlbnRlci5jb20=&hash=d6219aee846862a113cb381c441243cb
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 668
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:46:36 GMT
expires: Wed, 27 Mar 2024 02:46:36 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Mar 2024 02:46:36 GMT
Location: https://www.harzfriends.de/myred/114.php?f=z
Server: nginx
Transfer-Encoding: chunked

GET
H2 404 favicon.ico
sylverlight.net/ 262 B
311 B 9ms
7ms Other
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sylverlight.net/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:36 GMT
server: Apache
content-length: 262
content-type: text/html; charset=iso-8859-1

GET
H2 200 rtb.min.js Show response
static.trafficclub.com/ 7 KB
3 KB 19ms
16ms Script
application/javascript 2600:9000:2156:ba00:6:92b8:d800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trafficclub.com/rtb.min.js
Requested by: Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:92b8:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 06:03:19 GMT
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 14:33:40 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
age: 74615
etag: W/"1b66-5ff4596259eb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oPYZm3cPZyhIROGVMT4D3IfSBPyVSh0C2j7_N5Gwa2rWGkuVZxGGtw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: static.trafficclub.com
URL: https://static.trafficclub.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 07:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 07:47:09 GMT

GET
H2 200 favicon.ico
www.harzfriends.de/ 0
67 B 17ms
3ms Other
image/vnd.microsoft.icon 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:37 GMT
last-modified: Thu, 23 Jul 2015 08:48:59 GMT
server: Apache
content-type: image/vnd.microsoft.icon
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Wed, 27 Mar 2024 02:46:37 GMT

GET
H2 200 rtb.php
track.traffic.club/ 19 B
205 B 257ms
256ms XHR
text/html 167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.traffic.club/rtb.php?hash=bd8727d0059b01d78e9451c27a9625bc&mid=114&f=114&request=rtb&keyword=businesshour.de&domain=businesshour.de

Requested by

Host: static.trafficclub.com
URL: https://static.trafficclub.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:37 GMT
content-encoding: none
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=utf8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 19
x-xss-protection: 1; mode=block

GET
H3 200 / Show response
zixu.de/ 934 B
693 B 144ms
143ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zixu.de/

Requested by

Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=z

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11d35675def3277c33d441c084568a9ecfb703926344a1ff0936a7fb44b8a2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 86ac0d173f3e5caa-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 27 Mar 2024 02:46:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMJMobXLfZ%2FYEp69%2B1%2FlyTgrwf%2FW9RJXDCWxwJ%2FZwX8%2BQz%2BmcbJMRyNECKTF9qeXUX%2B9Y3zExsYIAR8WycyisB1NmIUIlwKCGI6yAMU3X4Xdd68mz0QNUHPR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
sylverlight.net/ 839 B
345 B 13ms
12ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5saW5rb3JnYW5pemVyLmRl&hash=f34c7a3186eea31da10d4d9e5dcc2d77
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 2118650e6bb7727736ea28b89e26005721cf47b5651c9ddb74c92c187bde0f63

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 290
content-type: text/html;charset=utf-8
date: Wed, 27 Mar 2024 02:46:38 GMT
referrer-policy: no-referrer
server: Apache
vary: Accept-Encoding
x-mod-pagespeed: 1.14.36.1-0

GET favicon.ico
zixu.de/ 0
0

GET
H2

200

Primary Request 108.php Show response
www.harzfriends.de/myred/
Redirect Chain

http://www.linkorganizer.de/
https://www.linkorganizer.de/
http://www.linkorganizer.de/
https://www.harzfriends.de/myred/108.php?f=c

925 B
631 B

396ms
395ms

Document
text/html

78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/myred/108.php?f=c
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 56196f7b62cb690a7ba4c7d7a16cd35b675c3ca4580d3af1c00a8fb06779cb01

Request headers

Referer: https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5saW5rb3JnYW5pemVyLmRl&hash=f34c7a3186eea31da10d4d9e5dcc2d77
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 553
content-type: text/html; charset=utf-8
date: Wed, 27 Mar 2024 02:46:38 GMT
expires: Wed, 27 Mar 2024 02:46:38 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Mar 2024 02:46:38 GMT
Location: https://www.harzfriends.de/myred/108.php?f=c
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 rtb.min.js Show response
static.trafficclub.com/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2600:9000:2156:ba00:6:92b8:d800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.trafficclub.com/rtb.min.js
Requested by: Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/108.php?f=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:6:92b8:d800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 06:03:19 GMT
content-encoding: gzip
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 14:33:40 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
age: 74617
etag: W/"1b66-5ff4596259eb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MOMWlHcLyoM9QN6ZctfoTfaNS65iDAkMMLSYq0zoj-fZ0Dl_4y0qqg==

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 8ms
7ms Script
text/javascript 142.250.184.202

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: static.trafficclub.com
URL: https://static.trafficclub.com/rtb.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.202 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 26 Mar 2024 05:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Mar 2025 05:07:07 GMT

GET
H2 200 favicon.ico
www.harzfriends.de/ 0
67 B 6ms
5ms Other
image/vnd.microsoft.icon 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/favicon.ico
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 02:46:39 GMT
last-modified: Thu, 23 Jul 2015 08:48:59 GMT
server: Apache
content-type: image/vnd.microsoft.icon
cache-control: max-age=0
accept-ranges: bytes
content-length: 0
expires: Wed, 27 Mar 2024 02:46:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zixu.de
URL: https://zixu.de/favicon.ico

Domain: zixu.de
URL: https://zixu.de/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sylverlight.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
static.trafficclub.com
sylverlight.net
track.traffic.club
www.harzfriends.de
www.linkorganizer.de
www.redirectcenter.com
zixu.de
zixu.de
142.250.184.202
167.233.8.197
188.114.97.3
2600:9000:2156:ba00:6:92b8:d800:93a1
2a00:1450:4001:80e::200a
78.46.155.196
95.130.17.35
06f74ee3111f617e1f076c30192d2cf195aba2d4ac4150354244cde2e052c018
11d35675def3277c33d441c084568a9ecfb703926344a1ff0936a7fb44b8a2ac
2118650e6bb7727736ea28b89e26005721cf47b5651c9ddb74c92c187bde0f63
56196f7b62cb690a7ba4c7d7a16cd35b675c3ca4580d3af1c00a8fb06779cb01
6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f389f02b613e450248a75a4e2f539ab066f69e5c65e1fe3749a28202c8820a15

www.harzfriends.de Open in urlscan Pro 78.46.155.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

29 %IPv6

8 Domains

8 Subdomains

7 IPs

3 Countries

102 kBTransfer

278 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.harzfriends.de Open in urlscan Pro
78.46.155.196 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

29 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

102 kB
Transfer

278 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions