de1315.happy-nachrichten.de Open in urlscan Pro
45.156.91.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://occupationwretched.top/f5aaenwCV0YEAXt7WVNUA1E_EGgOA2hbd3lVGkIfKFwrAxMwSjYZDlYqDS8bTj8wRFYODRoXCg5NFCx1WEdLBnc5cgw?p=jy...
Effective URL:
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79745323&
Submission: On May 11 via api (May 11th 2024, 10:29:27 am UTC) from LU — Scanned from DE

Summary HTTP 36 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 36 HTTP transactions. The main IP is 45.156.91.33, located in Germany and belongs to ABUNTIS, DE. The main domain is de1315.happy-nachrichten.de.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.

This is the only time de1315.happy-nachrichten.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3034::ac43:95a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.212.184.146 67.212.184.146	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 2	2a05:22c7:1:2... 2a05:22c7:1:2140::197	42567 (MOJHOST-EU) (MOJHOST-EU)
2	84.16.252.20 84.16.252.20	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1 1	34.111.143.46 34.111.143.46	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	45.156.91.34 45.156.91.34	211823 (ABUNTIS) (ABUNTIS)
7	45.156.91.33 45.156.91.33	211823 (ABUNTIS) (ABUNTIS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.158.79.89 35.158.79.89	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	116.203.25.165 116.203.25.165	24940 (HETZNER-AS) (HETZNER-AS)
9	172.67.71.184 172.67.71.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	15

2 2606:4700:3034::ac43:95a8 (United States)

ASN13335 (CLOUDFLARENET, US)

occupationwretched.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

yidiandian.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.212.184.146 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

go.kelpboat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:22c7:1:2140::197 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

go1.mgre.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.16.252.20 (Unterföhring, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

go2cliks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.143.46 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.143.111.34.bc.googleusercontent.com

www.sbbq3otrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.156.91.34 (Germany) 1 redirects

ASN211823 (ABUNTIS, DE)

trckde01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.156.91.33 (Germany)

ASN211823 (ABUNTIS, DE)

de1315.happy-nachrichten.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.79.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-79-89.eu-central-1.compute.amazonaws.com

meine.pixelweiche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.203.25.165 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.25.203.116.clients.your-server.de

lv1.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.71.184 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 24654 api.cleverpush.com — Cisco Umbrella Rank: 21697	125 KB
7	happy-nachrichten.de de1315.happy-nachrichten.de	952 KB
2	pixelweiche.de meine.pixelweiche.de	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	34 KB
2	go2cliks.net go2cliks.net	1 KB
2	mgre.work go1.mgre.work Failed	990 B
2	occupationwretched.top occupationwretched.top	2 KB
1	mycleverpush.com lv1.mycleverpush.com
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	59 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1230	11 KB
1	trckde01.de 1 redirects trckde01.de	804 B
1	sbbq3otrk.com 1 redirects www.sbbq3otrk.com	512 B
1	kelpboat.com go.kelpboat.com	2 KB
1	yidiandian.xyz yidiandian.xyz	602 B
0	baidu.com Failed hm.baidu.com Failed
36	15

	Domain	Requested by
9	static.cleverpush.com	de1315.happy-nachrichten.de static.cleverpush.com
7	de1315.happy-nachrichten.de	de1315.happy-nachrichten.de
4	api.cleverpush.com	static.cleverpush.com
2	meine.pixelweiche.de	de1315.happy-nachrichten.de meine.pixelweiche.de
2	go2cliks.net	go1.mgre.work
2	go1.mgre.work	go.kelpboat.com
2	occupationwretched.top	occupationwretched.top
1	lv1.mycleverpush.com	static.cleverpush.com
1	connect.facebook.net	de1315.happy-nachrichten.de
1	ajax.googleapis.com	de1315.happy-nachrichten.de
1	use.fontawesome.com	de1315.happy-nachrichten.de
1	fonts.googleapis.com	de1315.happy-nachrichten.de
1	trckde01.de	1 redirects
1	www.sbbq3otrk.com	1 redirects
1	go.kelpboat.com	yidiandian.xyz
1	yidiandian.xyz	occupationwretched.top
0	hm.baidu.com Failed	occupationwretched.top
36	17

This site contains links to these domains. Also see Links.

Domain
lifestyle-club-online.de
www.burda-versichert.de
dailytravel.de
www.emma-matratze.de
www.cashsparen.de
resultsgeneration.com
www.suedstern-interaction.de
www.trendtours.de
www.daydreams.de
www.pmiprivacy.com
signalize.com

Subject Issuer	Validity	Valid
occupationwretched.top GTS CA 1P5	`2024-03-22` - `2024-06-20`	3 months	crt.sh
yidiandian.xyz GTS CA 1P5	`2024-03-31` - `2024-06-29`	3 months	crt.sh
go.kelpboat.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh
go1.mgre.work R3	`2024-04-16` - `2024-07-15`	3 months	crt.sh
go2cliks.net R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.happy-nachrichten.de R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
cleverpush.com E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
coyote.pixel-weiche.de R3	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-18` - `2024-05-18`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-14` - `2024-06-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79745323&
Frame ID: 3123B3319588D479DCCCB5F990C915D9
Requests: 33 HTTP requests in this frame

Frame: https://lv1.mycleverpush.com/iframe?origin=https%3A%2F%2Fde1315.happy-nachrichten.de
Frame ID: F48346FC72FFF7E4EA6C1CAA8656B6E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

iPhone 15 Pro Gewinnen!

Page URL History Show full URLs

https://occupationwretched.top/f5aaenwCV0YEAXt7WVNUA1E_EGgOA2hbd3lVGkIfKFwrAxMwSjYZDlYqDS8bTj8wRFYODRoXCg5N... Page URL
https://occupationwretched.top/404/nfp.html Page URL
https://yidiandian.xyz/ Page URL
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7367687230011211843&subid=25426&sid3=25426-06a... HTTP 303
http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25... HTTP 307
https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25... Page URL
https://go2cliks.net/cpa/9887/1495?subid1=66339158-25f5-4e1f-a053-c5252c273b85&subid2=eXZleXU= Page URL
https://www.sbbq3otrk.com/4HZ6GG9/24BMB4P/?sub1=9887&sub3=136lqg4h00084 HTTP 302
https://trckde01.de/de01,iphone,15,pro_977.html?idPartner=69&idCampaignAd=0&subId=2180_9887&subI... HTTP 302
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79745323& Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

94 %
HTTPS

50 %
IPv6

15
Domains

17
Subdomains

15
IPs

3
Countries

1190 kB
Transfer

2135 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://lifestyle-club-online.de/
Title: https://lifestyle-club-online.de/

Search URL Search Domain Scan URL

URL: https://www.burda-versichert.de/de/cms/datenschutzinformation-art-14.html
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://dailytravel.de/
Title: https://dailytravel.de

Search URL Search Domain Scan URL

URL: https://www.emma-matratze.de/datenschutz/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://www.cashsparen.de/static/privacy
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://resultsgeneration.com/privacy-policy
Title: Datenschutz

Search URL Search Domain Scan URL

URL: http://www.suedstern-interaction.de/
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.trendtours.de/datenschutz
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.daydreams.de/datenschutzinformation_Artikel_14
Title: Datenschutzinformation nach Art. 14 EU-DSGVO

Search URL Search Domain Scan URL

URL: https://www.pmiprivacy.com/de-de/consumer
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://signalize.com/docs/sonstiges/opt-out-info/
Title: hier

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://occupationwretched.top/f5aaenwCV0YEAXt7WVNUA1E_EGgOA2hbd3lVGkIfKFwrAxMwSjYZDlYqDS8bTj8wRFYODRoXCg5NFCx1WEdLBnc5cgw?p=jyyuvb&_wi Page URL
https://occupationwretched.top/404/nfp.html Page URL
https://yidiandian.xyz/ Page URL
https://go.kelpboat.com/?utm_medium=c7069e939b860228ac9c4f5b0798b92843c0aa3c&utm_campaign=op24 Page URL
https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7367687230011211843&subid=25426&sid3=25426-06aaba3z HTTP 303
http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25f5-4e1f-a053-c5252c273b85%26subid2%3DeXZleXU%3D HTTP 307
https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25f5-4e1f-a053-c5252c273b85%26subid2%3DeXZleXU%3D Page URL
https://go2cliks.net/cpa/9887/1495?subid1=66339158-25f5-4e1f-a053-c5252c273b85&subid2=eXZleXU= Page URL
https://www.sbbq3otrk.com/4HZ6GG9/24BMB4P/?sub1=9887&sub3=136lqg4h00084 HTTP 302
https://trckde01.de/de01,iphone,15,pro_977.html?idPartner=69&idCampaignAd=0&subId=2180_9887&subIdentifier=0a35ec5783a443a3a4abd7676f4e3550_ HTTP 302
https://de1315.happy-nachrichten.de/campaign_1315.html?coyoteAffiliTokenId=79745323& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://go.kelpboat.com/proc.php?3888b212fbc7b40cb4a208f848f705cde1215632 HTTP 301
https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7367687230011211843&subid=25426&sid3=25426-06aaba3z

Request Chain 6

https://go1.mgre.work/pop.go?spaceid=11670304&sid2=M7367687230011211843&subid=25426&sid3=25426-06aaba3z HTTP 303
http://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25f5-4e1f-a053-c5252c273b85%26subid2%3DeXZleXU%3D HTTP 307
https://go1.mgre.work/r.go?r=https%3A%2F%2Fgo2cliks.net%2Fcpa%2F9887%2F1495%3Fsubid1%3D66339158-25f5-4e1f-a053-c5252c273b85%26subid2%3DeXZleXU%3D

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 f5aaenwCV0YEAXt7WVNUA1E_EGgOA2hbd3lVGkIfKFwrAxMwSjYZDlYqDS8bTj8wRFYODRoXCg5NFCx1WEdLBnc5cgw
occupationwretched.top/ 1 KB
1 KB 441ms
63ms Document
text/html 2606:4700:3034::ac43:95a8
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
go2cliks.net/	1970-01-20 20:31:11	Name: mobitck Value: 1
www.sbbq3otrk.com/	1970-01-20 20:31:49	Name: uniqueClick_24BMB4P Value: 76a1bd5d-b66b-4a62-88cd-09029962bb02:1715423361
www.sbbq3otrk.com/	1970-01-20 22:39:59	Name: transaction_id Value: 0a35ec5783a443a3a4abd7676f4e3550
trckde01.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: q91lu3ciu76lvdmg3ka1a8h11o
de1315.happy-nachrichten.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: 55ojqjht11f3mhrlt46ki2l1ir
de1315.happy-nachrichten.de/	1970-01-20 20:30:37	Name: coyoteAffiliTokenId1315 Value: 79745323

de1315.happy-nachrichten.de Open in urlscan Pro 45.156.91.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

94 %HTTPS

50 %IPv6

15 Domains

17 Subdomains

15 IPs

3 Countries

1190 kBTransfer

2135 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

de1315.happy-nachrichten.de Open in urlscan Pro
45.156.91.33 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

94 %
HTTPS

50 %
IPv6

15
Domains

17
Subdomains

15
IPs

3
Countries

1190 kB
Transfer

2135 kB
Size

6
Cookies

36 HTTP transactions
0 data transactions