der-mann.info Open in urlscan Pro
2606:4700:3031::ac43:96ae Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM6Ly92Ni53bnQtczBtZS1...
Effective URL:
https://der-mann.info/r/youtube/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops
Submission: On September 13 via api (September 13th 2024, 2:53:19 am UTC) from LU — Scanned from GB

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3031::ac43:96ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is der-mann.info.
TLS certificate: Issued by WE1 on September 2nd 2024. Valid for: 3 months.

This is the only time der-mann.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::ac43:ae84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3031::6815:1a0e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2606:4700:303... 2606:4700:3031::ac43:96ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2606:4700:303... 2606:4700:3033::ac43:8b4a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2

1 2606:4700:3033::ac43:ae84 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

u-5556.onetouch20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:1a0e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

auto-bg.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

trovare.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bghm.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3031::ac43:96ae (United States)

ASN13335 (CLOUDFLARENET, US)

der-mann.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:8b4a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

burningapril.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	der-mann.info der-mann.info	31 KB
4	burningapril.info 1 redirects burningapril.info — Cisco Umbrella Rank: 70154	1 KB
2	auto-bg.info 2 redirects auto-bg.info — Cisco Umbrella Rank: 303472	2 KB
1	bghm.info 1 redirects bghm.info	810 B
1	trovare.info 1 redirects trovare.info	693 B
1	onetouch20.com 1 redirects u-5556.onetouch20.com	657 B
17	6

	Domain	Requested by
14	der-mann.info	der-mann.info
4	burningapril.info	1 redirects
2	auto-bg.info	2 redirects
1	bghm.info	1 redirects
1	trovare.info	1 redirects
1	u-5556.onetouch20.com	1 redirects
17	6

This site contains no links.

Subject Issuer	Validity	Valid
der-mann.info WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
burningapril.info WE1	`2024-08-03` - `2024-11-01`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://der-mann.info/r/youtube/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops
Frame ID: 8B4F874D5BDBFFD0FB8FF804F6C94A14
Requests: 8 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/full.svg?b=12
Frame ID: 0A1DAF0759FF635DFBF294202215F7BC
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/play.svg?b=12
Frame ID: 11308BD701E82C2E6FC9F4BBFDB79742
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/save.svg?b=12
Frame ID: E05BFD7D73B3C5037977ED2A104E8F41
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/options.svg?b=12
Frame ID: D5C96B7C5C19CDD907E1B71EE8FE1C84
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/sound.svg?b=12
Frame ID: 1D21C71E55BD09075CBC7022FBB37E56
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/loading.svg?b=12
Frame ID: 8F678E1CBD09E93E819577F8EC9E513B
Requests: 1 HTTP requests in this frame

Frame: https://der-mann.info/media/landings/youtube/images/go.svg?b=12
Frame ID: 266477BD34FE6DE5F3AF8BA1793EB4CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

To access the website click the "Allow" button

Page URL History Show full URLs

http://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM... HTTP 307
https://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM... HTTP 302
https://auto-bg.info/dvzMy91L?sub_id_1=pops&sub_id_2=ni&sub_id_2=ni&sub_id_3={click_age} HTTP 302
https://trovare.info/pop-go/54343?utm_source=&sub1=327ul6t4lrbrdk&sub2= HTTP 302
https://auto-bg.info/yX5n98X9?source=54343&sub_id_1=pops&sub_id_2={reason}&sub_id_3={click_age} HTTP 302
https://bghm.info/rs/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops HTTP 302
https://der-mann.info/r/youtube/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops Page URL

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

2
IPs

1
Countries

32 kB
Transfer

111 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM6Ly92Ni53bnQtczBtZS1wdXNoLmNvbS9yLzhhb3gxRU1sMnZaUExhdlE1ZVV2aEZXZlA2M3A3MW9seVFDY2Y2ZEJOLUE1aTZGekZuQVVScnhzYm9LTGdZejl6MXp0OTlUdFltaGlvNzh0d1YxalJuWEE1OXNwVDk4bmxqeEJna3BFaHQ2Nm42aUJHVHZsTHlwdWlaY0pKcUhEejhLcXFwZTZRbGpVZWNObm5CZXptTjVRV0V2dXlwM25LYmZPb00zOUFsVWd1Y1F0UjZxd25mSk5JZjhhYjIyYkFVbEZ6S1Q0TlcybmZ0TVNPbGlqX2FoUmFUd2wtTVV4VHJaYUxXRWhoZlp6b05YRkc4bk11eUI1Qm90S201NExpdWhJbUNWYXY2STdOUWVCS0pDWmRnY2IwWVNMQzdSUzhycFpvazdkQkRkV3JSTVNNQkUyQmM1NmJXRjVydm9HVGtjZVhWaldVNVJqdGk5TExFb1FNZmZmN3R1cW15aEE2NlZEbnVnRlNNM1c2X1kyMThCVmdKTmlXMEEwdDkxekxlX05ab3k4Y2dMSDBqcDZtcV8wcU1RSmFIVm5NZ3VOcVE4NjBPemdlM0FXMWtzWEJOVC1VQVJPZzRUWmRRYWdQQ3RQRkpTUEhadHFvY1JSMzZzNi1idEdrMDk3emQ4bmJ2UGxHbkhoNTluOU5Wb09oeDdaRE9nQ2FpUkJrdWlrZmlONzRGdDY4aXB1Qk1IOGFvRmtaQzdQYklKZ1hnYUdCN1NEMHNDUVBjWjVnM3df&redirect=js HTTP 307
https://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM6Ly92Ni53bnQtczBtZS1wdXNoLmNvbS9yLzhhb3gxRU1sMnZaUExhdlE1ZVV2aEZXZlA2M3A3MW9seVFDY2Y2ZEJOLUE1aTZGekZuQVVScnhzYm9LTGdZejl6MXp0OTlUdFltaGlvNzh0d1YxalJuWEE1OXNwVDk4bmxqeEJna3BFaHQ2Nm42aUJHVHZsTHlwdWlaY0pKcUhEejhLcXFwZTZRbGpVZWNObm5CZXptTjVRV0V2dXlwM25LYmZPb00zOUFsVWd1Y1F0UjZxd25mSk5JZjhhYjIyYkFVbEZ6S1Q0TlcybmZ0TVNPbGlqX2FoUmFUd2wtTVV4VHJaYUxXRWhoZlp6b05YRkc4bk11eUI1Qm90S201NExpdWhJbUNWYXY2STdOUWVCS0pDWmRnY2IwWVNMQzdSUzhycFpvazdkQkRkV3JSTVNNQkUyQmM1NmJXRjVydm9HVGtjZVhWaldVNVJqdGk5TExFb1FNZmZmN3R1cW15aEE2NlZEbnVnRlNNM1c2X1kyMThCVmdKTmlXMEEwdDkxekxlX05ab3k4Y2dMSDBqcDZtcV8wcU1RSmFIVm5NZ3VOcVE4NjBPemdlM0FXMWtzWEJOVC1VQVJPZzRUWmRRYWdQQ3RQRkpTUEhadHFvY1JSMzZzNi1idEdrMDk3emQ4bmJ2UGxHbkhoNTluOU5Wb09oeDdaRE9nQ2FpUkJrdWlrZmlONzRGdDY4aXB1Qk1IOGFvRmtaQzdQYklKZ1hnYUdCN1NEMHNDUVBjWjVnM3df&redirect=js HTTP 302
https://auto-bg.info/dvzMy91L?sub_id_1=pops&sub_id_2=ni&sub_id_2=ni&sub_id_3={click_age} HTTP 302
https://trovare.info/pop-go/54343?utm_source=&sub1=327ul6t4lrbrdk&sub2= HTTP 302
https://auto-bg.info/yX5n98X9?source=54343&sub_id_1=pops&sub_id_2={reason}&sub_id_3={click_age} HTTP 302
https://bghm.info/rs/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops HTTP 302
https://der-mann.info/r/youtube/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://burningapril.info/api/subscription/detect HTTP 307
https://burningapril.info/api/subscription/detect?srv=2

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request 49062 Show response
der-mann.info/r/youtube/
Redirect Chain

http://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM6Ly92Ni53bnQtczBtZS1wdXNoLmNvbS9yLzhhb3gxRU1sMnZaUExhdlE1ZVV2aEZXZlA2M3A3MW9seVFDY2Y2ZEJOLUE...
https://u-5556.onetouch20.com/api/rtb-pops/go?id=276899665671&sig=7ab96c6646c0611f41beea5d94c439&u=aHR0cHM6Ly92Ni53bnQtczBtZS1wdXNoLmNvbS9yLzhhb3gxRU1sMnZaUExhdlE1ZVV2aEZXZlA2M3A3MW9seVFDY2Y2ZEJOLU...
https://auto-bg.info/dvzMy91L?sub_id_1=pops&sub_id_2=ni&sub_id_2=ni&sub_id_3={click_age}
https://trovare.info/pop-go/54343?utm_source=&sub1=327ul6t4lrbrdk&sub2=
https://auto-bg.info/yX5n98X9?source=54343&sub_id_1=pops&sub_id_2={reason}&sub_id_3={click_age}
https://bghm.info/rs/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops
https://der-mann.info/r/youtube/49062?count=10&declCount=10&fullScreenMode=disabled&utm_source=pops

4 KB
2 KB

196ms
76ms

Document
text/html

2606:4700:3031::ac43:96ae
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
auto-bg.info/	1970-01-21 00:14:34	Name: _token Value: uuid_327ul6t4lrbrdk_327ul6t4lrbrdk66e3a919b53c58.21194544
auto-bg.info/	1970-01-21 00:14:34	Name: _subid Value: 327ul6t4lrbrdm
auto-bg.info/	1970-01-21 09:05:55	Name: bc730 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMxNzBcIjoxNzI2MTk1OTkzLFwiNzEyNVwiOjE3MjYxOTU5OTR9LFwiY2FtcGFpZ25zXCI6e1wiNTExXCI6MTcyNjE5NTk5MyxcIjUxMFwiOjE3MjYxOTU5OTR9LFwidGltZVwiOjE3MjYxOTU5OTN9In0.hetNgyuTzTeKmniqrCNyIIepBFzix2yIrFiyr-i_Pns
bghm.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: frh5a8gjfs3aechue753gfo59i
bghm.info/	1970-01-20 23:31:22	Name: pushca-unq Value: 6288567d9e4e4c7b209a6dd42d3eae36a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22pushca-unq%22%3Bi%3A1%3Bs%3A3%3A%22yes%22%3B%7D
der-mann.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: lhjkrq5i3odrqt9qqnv28f3894
der-mann.info/	1969-12-31 23:59:59	Name: _csrf Value: e277cc32da081fa1de1efecc7b6492b8a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22EXCP5UwFz_3HZ_eZwFhbt3RBOvcKZZS5%22%3B%7D
burningapril.info/	1970-01-21 09:05:55	Name: push-ca-uid Value: 0daaaa6a8e10e792dd8b6c5e70073a41a%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22push-ca-uid%22%3Bi%3A1%3Bs%3A14%3A%2232680395566676%22%3B%7D
burningapril.info/	1970-01-21 09:05:55	Name: push-ca-srv Value: 8e841d077465f4e50692c17c1ecff0c0a%3A2%3A%7Bi%3A0%3Bs%3A11%3A%22push-ca-srv%22%3Bi%3A1%3Bs%3A1%3A%222%22%3B%7D

der-mann.info Open in urlscan Pro 2606:4700:3031::ac43:96ae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

94 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

2 IPs

1 Countries

32 kBTransfer

111 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

9 Cookies

1 Console Messages

Security Headers

Indicators

der-mann.info Open in urlscan Pro
2606:4700:3031::ac43:96ae Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

2
IPs

1
Countries

32 kB
Transfer

111 kB
Size

9
Cookies

17 HTTP transactions
0 data transactions