urlscan.io logo urlscan.io
SecurityTrails logo

www.exklusive-preise.de Open in urlscan Pro
130.255.79.215  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=
Effective URL: https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta00084&subIdentifier=...
Submission: On October 20 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 4 HTTP transactions. The main IP is 130.255.79.215, located in Germany and belongs to BKVG-AS, DE. The main domain is www.exklusive-preise.de.
TLS certificate: Issued by R3 on September 29th 2021. Valid for: 3 months.
This is the only time www.exklusive-preise.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.21.45.36 13335 (CLOUDFLAR...)
1 172.67.198.87 13335 (CLOUDFLAR...)
1 1 104.248.110.148 14061 (DIGITALOC...)
1 46.165.249.8 28753 (LEASEWEB-...)
1 130.255.79.215 29141 (BKVG-AS)
4 4
1    104.21.45.36 (United States)

ASN13335 (CLOUDFLARENET, US)
wathspap.com
1    172.67.198.87 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    104.248.110.148 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
s2saffiliate.com
1    46.165.249.8 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
click2me.club
1    130.255.79.215 (Germany)

ASN29141 (BKVG-AS, DE)
PTR: server-redlemon01.virtualhosts.de
www.exklusive-preise.de
Domain Requested by
1 www.exklusive-preise.de
1 click2me.club wathspap.com
1 s2saffiliate.com 1 redirects
1 cdn.addlnk.com wathspap.com
1 wathspap.com
4 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-15 -
2022-06-14		 a year crt.sh
click2me.club
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
www.exklusive-preise.de
R3		 2021-09-29 -
2021-12-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta00084&subIdentifier=4823&rlmset=iphone12_pre_de
Frame ID: 0872393E75E259BD6069CF2BCCA36DCD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid= Page URL
  2. https://s2saffiliate.com/redirects?offer_id=13&affiliate_id=9&sub_id=6380fb9e&click_id=pub758ba660745... HTTP 302
    https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e Page URL
  3. https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

4 kB
Transfer

3 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid= Page URL
  2. https://s2saffiliate.com/redirects?offer_id=13&affiliate_id=9&sub_id=6380fb9e&click_id=pub758ba660745f4636adf5052ecb5bc19c HTTP 302
    https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e Page URL
  3. https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta00084&subIdentifier=4823&rlmset=iphone12_pre_de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://s2saffiliate.com/redirects?offer_id=13&affiliate_id=9&sub_id=6380fb9e&click_id=pub758ba660745f4636adf5052ecb5bc19c HTTP 302
  • https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4d90999b3f
wathspap.com/rc/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.45.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84382551be4b534cbf2799310f5671459cf22cf87d3c10354334944546320f4c

Request headers

:method
GET
:authority
wathspap.com
:scheme
https
:path
/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 20 Oct 2021 16:19:19 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALB=4UFamoN+5BhBKpxtPZBTTt6H0rnblWezGBoV3EREuHqNPOWir7Y/UvcpPGualG6Pht1GoVr6cZQJBlc6gB9BIYyf3s4oxFyqTk/iHbD0zEcu8+2Xt+oF1UytgGBM; Expires=Wed, 27 Oct 2021 16:19:19 GMT; Path=/ AWSALBCORS=4UFamoN+5BhBKpxtPZBTTt6H0rnblWezGBoV3EREuHqNPOWir7Y/UvcpPGualG6Pht1GoVr6cZQJBlc6gB9BIYyf3s4oxFyqTk/iHbD0zEcu8+2Xt+oF1UytgGBM; Expires=Wed, 27 Oct 2021 16:19:19 GMT; Path=/; SameSite=None
vary
Accept-Encoding, Accept-Language, Cookie
content-language
en-us
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuUgmn3lKqMCsJq9hFcTaNqTnPx1H5zRKUr2MN8Ql3wEo3cMeDWrHjZMFQ0B9eKXyVk2zOrnnqvi83glBmb1tiJKvy%2Fj%2Be6LQNkM7zgQi4i8P4AtRNe7O5mi3MrZUv4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a13912cbb3f412c-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: wathspap.com
URL: https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.198.87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:19:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1020
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
C0MZEK71BT52TXHH
x-amz-id-2
1ZQlYnIN8qU1AmdHCjNRCnkY7zBcUSoI2NRLOwDwAsWkzfaStpTAX0Wxzi1E95xaQ5dVOfolJqA=
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t7eicg5vyOSI5WXlBDtScMUCremyzUK%2BQNT6w6h%2BWS2ciJY30GbFgeTwuShL%2Bns4bjbpGxoJM7%2F0Uz1ZRMkxSM0iHEYpXGIpH7LUiNDtzYtigx8Apmjr9TsrX38RrN96Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
6a13912e188ef9d2-PRG
cf-bgj
minify
Cookie set 3
click2me.club/go/4823/
Redirect Chain
  • https://s2saffiliate.com/redirects?offer_id=13&affiliate_id=9&sub_id=6380fb9e&click_id=pub758ba660745f4636adf5052ecb5bc19c
  • https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e
384 B
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e
Requested by
Host: wathspap.com
URL: https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.165.249.8 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
nginx / PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Resource Hash
e392f3b1e90ae87a755dd6a0fc88e1ebddce418dd2f64c98510be55e507da388

Request headers

Host
click2me.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://wathspap.com/rc/4d90999b3f?affclick=fd90cafdaf27ab4a1ac63ccdb01d5136&pubid=

Response headers

Server
nginx
Date
Wed, 20 Oct 2021 16:19:19 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/7.2.34-8+ubuntu20.04.1+deb.sury.org+1
Content-Encoding
identity
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 20 Oct 2021 16:19:19 GMT
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Pragma
no-cache
Set-Cookie
mobitck=1; expires=Wed, 20-Oct-2021 23:59:59 GMT; Max-Age=27640; path=/; HttpOnly

Redirect headers

server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
cache-control
max-age=0, must-revalidate, private
date
Wed, 20 Oct 2021 16:19:19 GMT
location
https://click2me.club/go/4823/3?subid1=1_cfc57caa3b8fabf8d6c4dcdbc0fae120&subid2=6380fb9e
expires
Wed, 20 Oct 2021 16:19:19 GMT
Primary Request de,flexfancy,responsive_753.html
www.exklusive-preise.de/ 		18 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.exklusive-preise.de/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta00084&subIdentifier=4823&rlmset=iphone12_pre_de
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
130.255.79.215 , Germany, ASN29141 (BKVG-AS, DE),
Reverse DNS
server-redlemon01.virtualhosts.de
Software
Apache /
Resource Hash
0d7af731a374059fcadf9b2e5b1ca4b9e56c391dc29da4c0a8a34b497e591089

Request headers

:method
GET
:authority
www.exklusive-preise.de
:scheme
https
:path
/de,flexfancy,responsive_753.html?idPartner=259&idCampaignAd=0&subId=0pitjgta00084&subIdentifier=4823&rlmset=iphone12_pre_de
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=sui56psq5j7r9f6iso7huhbegu; path=/
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
38
content-type
text/html; charset=UTF-8
date
Wed, 20 Oct 2021 16:19:19 GMT
server
Apache

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

3 Cookies

Domain/Path Name / Value
wathspap.com/ Name: AWSALB
Value: 4UFamoN+5BhBKpxtPZBTTt6H0rnblWezGBoV3EREuHqNPOWir7Y/UvcpPGualG6Pht1GoVr6cZQJBlc6gB9BIYyf3s4oxFyqTk/iHbD0zEcu8+2Xt+oF1UytgGBM
click2me.club/ Name: mobitck
Value: 1
www.exklusive-preise.de/ Name: PHPSESSID
Value: sui56psq5j7r9f6iso7huhbegu