www.schlupsi.de Open in urlscan Pro
52.31.35.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--gefhlskarten-flb.com/
Effective URL:
https://www.schlupsi.de/
Submission: On May 19 via automatic, source certstream-suspicious (May 19th 2018, 11:45:45 pm UTC)

Summary HTTP 34 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 34 HTTP transactions. The main IP is 52.31.35.146, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.schlupsi.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 6th 2018. Valid for: 3 months.

This is the only time www.schlupsi.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.31.35.146 52.31.35.146	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
22	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	85.13.145.212 85.13.145.212	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
1	2.18.233.20 2.18.233.20	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	172.217.17.46 172.217.17.46	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.208.36.214 52.208.36.214	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.217.16.168 172.217.16.168	15169 (GOOGLE) (GOOGLE - Google LLC)
3	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK - Facebook)
34	10

2 52.31.35.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-35-146.eu-west-1.compute.amazonaws.com

xn--gefhlskarten-flb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.schlupsi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.14.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

assets.jimstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.jimcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.jimstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.13.145.212 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd26934.kasserver.com

www.haendlerbund.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.20 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-20.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.17.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: ams16s29-in-f46.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.36.214 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-36-214.eu-west-1.compute.amazonaws.com

a.jimdo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.168 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f8.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	jimcdn.com u.jimcdn.com image.jimcdn.com	2 MB
7	jimstatic.com assets.jimstatic.com fonts.jimstatic.com	301 KB
4	facebook.com www.facebook.com staticxx.facebook.com	992 B
3	google-analytics.com www.google-analytics.com ssl.google-analytics.com	17 KB
1	jimdo.com a.jimdo.com	262 B
1	facebook.net connect.facebook.net	63 KB
1	paypalobjects.com www.paypalobjects.com	4 KB
1	haendlerbund.de www.haendlerbund.de	3 KB
1	schlupsi.de www.schlupsi.de	14 KB
1	xn--gefhlskarten-flb.com 1 redirects xn--gefhlskarten-flb.com	407 B
34	10

	Domain	Requested by
14	image.jimcdn.com	www.schlupsi.de assets.jimstatic.com
4	assets.jimstatic.com	www.schlupsi.de
3	www.facebook.com	www.schlupsi.de connect.facebook.net
3	fonts.jimstatic.com	www.schlupsi.de assets.jimstatic.com
2	ssl.google-analytics.com	www.schlupsi.de
1	staticxx.facebook.com	connect.facebook.net
1	a.jimdo.com	assets.jimstatic.com
1	www.google-analytics.com	www.schlupsi.de
1	connect.facebook.net	assets.jimstatic.com
1	www.paypalobjects.com	www.schlupsi.de
1	www.haendlerbund.de	www.schlupsi.de
1	u.jimcdn.com	www.schlupsi.de
1	www.schlupsi.de
1	xn--gefhlskarten-flb.com	1 redirects
34	14

This site contains links to these domains. Also see Links.

Domain
www.haendlerbund.de
www.paypal.com
www.facebook.com
twitter.com
cms.e.jimdo.com
a.jimdo.com

Subject Issuer	Validity	Valid
www.schlupsi.de Let's Encrypt Authority X3	`2018-03-06` - `2018-06-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.schlupsi.de/
Frame ID: 3302B82F6AB8511DAFAF635F6438B096
Requests: 35 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/RQ7NiRXMcYA.js?version=42
Frame ID: 1754B0FCB94962BA3B8BF29B8A8061C6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=113869198637480&domain=www.schlupsi.de&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FRQ7NiRXMcYA.js%3Fversion%3D42%23cb%3Df3c3714f2e218bc%26domain%3Dwww.schlupsi.de%26origin%3Dhttps%253A%252F%252Fwww.schlupsi.de%252Ff2b883b09790184%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey&version
Frame ID: 25CECF4D8A63708581CA700A87795764
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?app_id=113869198637480&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FRQ7NiRXMcYA.js%3Fversion%3D42%23cb%3Df513d6f2e36718%26domain%3Dwww.schlupsi.de%26origin%3Dhttps%253A%252F%252Fwww.schlupsi.de%252Ff2b883b09790184%26relation%3Dparent.parent&container_width=298&hide_cover=false&href=https%3A%2F%2Ffacebook.com%2Finpathia&locale=de_DE&sdk=joey&show_facepile=false&show_posts=false&width=298
Frame ID: C33D4420A3EE35B7A576F235F809129C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://xn--gefhlskarten-flb.com/ HTTP 301
https://www.schlupsi.de/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Mustache$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

Page Statistics

34
Requests

12 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

10
IPs

4
Countries

2191 kB
Transfer

2994 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.haendlerbund.de/mitglied/show.php?uuid=d702e7b0-0e5d-11e7-b388-9c5c8e4fb375-7808616299

Search URL Search Domain Scan URL

URL: https://www.paypal.com/de/webapps/mpp/paypal-popup
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.schlupsi.de/&t=Das%20Konzept

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Das%20Konzept&url=https%3A%2F%2Fwww.schlupsi.de%2F

Search URL Search Domain Scan URL

URL: https://cms.e.jimdo.com/app/cms/logout.php
Title: Abmelden

Search URL Search Domain Scan URL

URL: https://a.jimdo.com/app/auth/signin/jumpcms/?page=2173996160
Title: Bearbeiten

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--gefhlskarten-flb.com/ HTTP 301
https://www.schlupsi.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.schlupsi.de/
Redirect Chain

https://xn--gefhlskarten-flb.com/
https://www.schlupsi.de/

54 KB
14 KB

201ms
94ms

Document
text/html

52.31.35.146
Amazon.com

General

Domain/Path	Expires	Name / Value
www.schlupsi.de/	1969-12-31 23:59:59	Name: __utmc Value: 240786433
www.schlupsi.de/	1970-01-18 20:29:01	Name: __utmz Value: 240786433.1526773535.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.schlupsi.de/	1970-01-18 16:06:15	Name: __utmb Value: 240786433.1.10.1526773535
.schlupsi.de/	1970-01-18 20:29:01	Name: __utmz Value: 240786433.1526773535.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.schlupsi.de/	1970-01-19 09:37:25	Name: __utma Value: 240786433.2075009798.1526773535.1526773535.1526773535.1
.schlupsi.de/	1970-01-18 16:06:14	Name: __utmt_a Value: 1
.schlupsi.de/	1969-12-31 23:59:59	Name: __utmc Value: 240786433
www.schlupsi.de/	1970-01-18 16:06:15	Name: __utmb Value: 240786433.2.10.1526773535
www.schlupsi.de/	1970-01-18 16:06:14	Name: __utmt_b Value: 1
.schlupsi.de/	1970-01-19 09:37:25	Name: __utma Value: 240786433.2075009798.1526773535.1526773535.1526773535.1

www.schlupsi.de Open in urlscan Pro 52.31.35.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

12 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

10 IPs

4 Countries

2191 kBTransfer

2994 kBSize

10 Cookies

6 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.schlupsi.de Open in urlscan Pro
52.31.35.146 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

12 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

10
IPs

4
Countries

2191 kB
Transfer

2994 kB
Size

10
Cookies

34 HTTP transactions
4 data transactions