click.az-direct.ch Open in urlscan Pro
217.115.153.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.az-direct.ch/red.php?r=37272361173373461&lid=2361761&ln=3
Effective URL:
https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Submission Tags: falconsandbox
Submission: On February 16 via api (February 16th 2023, 9:01:42 am UTC) from US — Scanned from DE

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 217.115.153.221, located in Germany and belongs to GODADDY, DE. The main domain is click.az-direct.ch.
TLS certificate: Issued by R3 on February 8th 2023. Valid for: 3 months.

This is the only time click.az-direct.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	217.115.153.221 217.115.153.221	20773 (GODADDY) (GODADDY)
6	217.115.153.219 217.115.153.219	20773 (GODADDY) (GODADDY)
8	2

4 217.115.153.221 (Germany) 2 redirects

ASN20773 (GODADDY, DE)
PTR: srv21.mailer-service.de

click.az-direct.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.promio-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.115.153.219 (Germany)

ASN20773 (GODADDY, DE)
PTR: srv19.mailer-service.de

media.promio-connect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	promio-connect.com img.promio-connect.com — Cisco Umbrella Rank: 431121 media.promio-connect.com — Cisco Umbrella Rank: 522516	675 KB
3	az-direct.ch 2 redirects click.az-direct.ch	25 KB
8	2

	Domain	Requested by
6	media.promio-connect.com	click.az-direct.ch
3	click.az-direct.ch	2 redirects
1	img.promio-connect.com	click.az-direct.ch
8	3

This site contains links to these domains. Also see Links.

Domain
bymaag.ch

Subject Issuer	Validity	Valid
click.az-direct.ch R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
*.promio-connect.com Starfield Secure Certificate Authority - G2	`2022-08-16` - `2023-09-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Frame ID: 8222EC6F203D629111C4F2D49CDC0BE4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wetten, dass...

Page URL History Show full URLs

https://click.az-direct.ch/red.php?r=37272361173373461&lid=2361761&ln=3 HTTP 302
https://click.az-direct.ch/view?r=37272361173373461&lid=2361761&pm_ln=3 HTTP 301
https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3 Page URL

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

699 kB
Transfer

697 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bymaag.ch/impressum/
Title: Impressum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.az-direct.ch/red.php?r=37272361173373461&lid=2361761&ln=3 HTTP 302
https://click.az-direct.ch/view?r=37272361173373461&lid=2361761&pm_ln=3 HTTP 301
https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
click.az-direct.ch/view/
Redirect Chain

https://click.az-direct.ch/red.php?r=37272361173373461&lid=2361761&ln=3
https://click.az-direct.ch/view?r=37272361173373461&lid=2361761&pm_ln=3
https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3

24 KB
24 KB

159ms
159ms

Document
text/html

217.115.153.221
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.115.153.221 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

srv21.mailer-service.de

Software

Apache /

Resource Hash

904f77844e07e19f3e3f50d292876dc18dd13cf3b4227fbc174e806d9cba98cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=7200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 09:01:36 GMT
Expires: Thu, 16 Feb 2023 11:01:36 GMT
Keep-Alive: timeout=13, max=99
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: max-age=7200
Connection: Keep-Alive
Content-Length: 288
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 16 Feb 2023 09:01:36 GMT
Expires: Thu, 16 Feb 2023 11:01:36 GMT
Keep-Alive: timeout=13, max=100
Location: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Server: Apache

GET
H/1.1 200
OK 2361761-37272361173373461-1233734.gif
img.promio-connect.com/ 43 B
406 B 216ms
22ms Image
image/gif 217.115.153.221
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.promio-connect.com/2361761-37272361173373461-1233734.gif

Requested by

Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.115.153.221 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

srv21.mailer-service.de

Software

Apache /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:37 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-DNS-Prefetch-Control: off
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: Keep-Alive
X-Robots-Tag: noindex
Keep-Alive: timeout=13, max=100
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 23 Feb 2023 09:01:37 GMT

GET
H/1.1 200
OK 8960872_headerbild.jpg
media.promio-connect.com/16422/pics/post/ 248 KB
249 KB 226ms
9ms Image
image/jpeg 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8960872_headerbild.jpg
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fcd221fe8fbf4f31cadcc3791d7bb475af4a5393fecebd09a61f3ba2e726f738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Fri, 18 Nov 2022 11:21:16 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "631ed-3e0c5-5edbce76ff9bd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 254149

GET
H/1.1 200
OK 8567417_lorenz_portrait.jpg
media.promio-connect.com/16422/pics/post/ 88 KB
88 KB 226ms
9ms Image
image/jpeg 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8567417_lorenz_portrait.jpg
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b308070456735b0e53dafa71cd159e780ce741d7674f6f88b866acff7aaa7c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Wed, 08 Jun 2022 09:20:39 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "652c3-15fb0-5e0ec37fa8240"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 90032

GET
H/1.1 200
OK 8960872_bild_gross.jpg
media.promio-connect.com/16422/pics/post/ 330 KB
330 KB 226ms
9ms Image
image/jpeg 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8960872_bild_gross.jpg
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 827040527e2f1c43e95f88159b0e034acee91814970c8cb6fdf24f14debeca36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Fri, 18 Nov 2022 11:21:16 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "631ee-52787-5edbce77112fe"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 337799

GET
H/1.1 200
OK 8567417_flat-dark-round-facebook.png
media.promio-connect.com/16422/pics/post/ 2 KB
2 KB 228ms
9ms Image
image/png 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8567417_flat-dark-round-facebook.png
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7c524fcdd7ae166f3207ba096e50e9482ab4cfd3bc54ddec99ba0adb99400a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Wed, 08 Jun 2022 09:45:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "652c9-6f4-5e0ec91791ed0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 1780

GET
H/1.1 200
OK 8567417_flat-dark-round-twitter.png
media.promio-connect.com/16422/pics/post/ 2 KB
2 KB 238ms
18ms Image
image/png 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8567417_flat-dark-round-twitter.png
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3827c2f925411ac249fe58f1883ba7ccb14890cd5adc6b80aa015bcce98c330c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Wed, 08 Jun 2022 09:45:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "652ca-8b7-5e0ec917b5152"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 2231

GET
H/1.1 200
OK 8567417_flat-dark-round-website.png
media.promio-connect.com/16422/pics/post/ 2 KB
3 KB 236ms
15ms Image
image/png 217.115.153.219
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.promio-connect.com/16422/pics/post/8567417_flat-dark-round-website.png
Requested by: Host: click.az-direct.ch
URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.115.153.219 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS: srv19.mailer-service.de
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8c80c0a37ce5090f7eacc7fc6082e66fe5afe352b2614dcb06ff5a6a09645983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.az-direct.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 09:01:34 GMT
Last-Modified: Wed, 08 Jun 2022 09:45:41 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "652cb-9c9-5e0ec917b8032"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: close
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 2505

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://click.az-direct.ch/view/?r=37272361173373461&lid=2361761&pm_ln=3(Line 5) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.az-direct.ch
img.promio-connect.com
media.promio-connect.com
217.115.153.219
217.115.153.221
3827c2f925411ac249fe58f1883ba7ccb14890cd5adc6b80aa015bcce98c330c
7c524fcdd7ae166f3207ba096e50e9482ab4cfd3bc54ddec99ba0adb99400a1a
827040527e2f1c43e95f88159b0e034acee91814970c8cb6fdf24f14debeca36
8c80c0a37ce5090f7eacc7fc6082e66fe5afe352b2614dcb06ff5a6a09645983
904f77844e07e19f3e3f50d292876dc18dd13cf3b4227fbc174e806d9cba98cf
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b308070456735b0e53dafa71cd159e780ce741d7674f6f88b866acff7aaa7c2f
fcd221fe8fbf4f31cadcc3791d7bb475af4a5393fecebd09a61f3ba2e726f738

click.az-direct.ch Open in urlscan Pro 217.115.153.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

699 kBTransfer

697 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

click.az-direct.ch Open in urlscan Pro
217.115.153.221 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

699 kB
Transfer

697 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions