smartphone-gewinner.de
185.3.41.66  Malicious Activity! Public Scan

Submitted URL: http://clicks.aweber.com/y/ct/?l=DK_rX&m=iFerrZ8RnTSJ20M&b=ZPtxHkBUcPDsvSiMdSI8QQ
Effective URL: https://smartphone-gewinner.de/
Submission: On April 12 via manual from US

Summary

This website contacted 6 IPs in 2 countries across 12 domains to perform 26 HTTP transactions. The main IP is 185.3.41.66, located in Germany and belonging to AS34788 (NMM-AS D, 02742 Friedersdorf, Hauptstrasse 68, DE). The main domain is smartphone-gewinner.de.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 20th 2017. Valid for: a year.
This is the only time smartphone-gewinner.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Redirects | Requests | IP address | AS (Autonomous System)
1 | 1 | 204.194.222.24 | 11810 (AWEBER-SY...)
1 | 1 | 216.58.214.110 | 15169 (GOOGLE)
1 | 1 | 108.167.182.245 | 20013 (CYRUSONE)
4 | 4 | 69.172.200.185 | 19324 (DOSARREST)
1 | 1 | 89.191.66.193 | 34624 (MEGASPACE-AS)
3 | 13 | 185.3.41.66 | 34788 (NMM-AS D)
- | 1 | 172.217.21.234 | 15169 (GOOGLE)
- | 1 | 104.19.196.102 | 13335 (CLOUDFLAR...)
- | 3 | 213.238.42.215 | 9211 (WORK-AS N...)
- | 2 | 217.70.142.110 | 15366 (DNSNET Ge...)
Total: 26 requests, 6 IPs
Requests | Apex domain | Subdomains | Transfer
13 | smartphone-gewinner.de | smartphone-gewinner.de | 203 KB
3 | k4r.de | p.k4r.de | 12 KB
3 | maxbounty.com | www.maxbounty.com, maxbounty.com | 2 KB
2 | zadcloud.com | zadcloud.com | 27 KB
1 | cloudflare.com | cdnjs.cloudflare.com | 11 KB
1 | googleapis.com | ajax.googleapis.com | 33 KB
1 | adperia.de | gate.adperia.de | 289 B
1 | mb102.com | www.mb102.com | 428 B
1 | digitechs.tk | digitechs.tk | 258 B
1 | goo.gl | goo.gl | 383 B
1 | aweber.com | clicks.aweber.com | 284 B
0 | Failed | (bare hostnames, see Failed requests below) | -
Total: 26 requests, 12 domains
Requests | Domain | Redirects | Requested by
13 | smartphone-gewinner.de | 3 | smartphone-gewinner.de, ajax.googleapis.com
3 | p.k4r.de | - | smartphone-gewinner.de, p.k4r.de
2 | zadcloud.com | - | smartphone-gewinner.de
2 | www.maxbounty.com | 2 | -
1 | cdnjs.cloudflare.com | - | smartphone-gewinner.de
1 | ajax.googleapis.com | - | smartphone-gewinner.de
1 | gate.adperia.de | 1 | -
1 | maxbounty.com | 1 | -
1 | www.mb102.com | 1 | -
1 | digitechs.tk | 1 | -
1 | goo.gl | 1 | -
1 | clicks.aweber.com | 1 | -
0 | victoria | Failed | smartphone-gewinner.de
0 | forme | Failed | smartphone-gewinner.de
0 | universal | Failed | smartphone-gewinner.de
0 | sky | Failed | smartphone-gewinner.de
0 | burda_verlag | Failed | smartphone-gewinner.de
0 | burda_direct | Failed | smartphone-gewinner.de
0 | kuechen-quelle | Failed | smartphone-gewinner.de
0 | dinner-for-dogs | Failed | smartphone-gewinner.de
0 | bauer | Failed | smartphone-gewinner.de
Total: 26 requests, 21 subdomains

This site contains no links.

Subject: smartphone-gewinner.de
Issuer: COMODO RSA Organization Validation Secure Server CA
Validity: 2017-10-20 to 2018-10-20 (a year); certificate record on crt.sh

This page contains 1 frames:

Primary Page: https://smartphone-gewinner.de/
Frame ID: C6D31CAA2BA55F012F01B968B315D709
Requests: 26 HTTP requests in this frame

Detected technologies

Apache (web server), overall confidence 100%. Detected pattern:
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript library), overall confidence 100%. Detected patterns:
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 26
HTTPS: 38 %
IPv6: 0 %
Domains: 12
Subdomains: 21
IPs: 6
Countries: 2
Transfer: 284 kB
Size: 475 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://clicks.aweber.com/y/ct/?l=DK_rX&m=iFerrZ8RnTSJ20M&b=ZPtxHkBUcPDsvSiMdSI8QQ HTTP 302
    https://goo.gl/x2RyqW HTTP 301
    http://digitechs.tk/ HTTP 301
    http://www.mb102.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/ HTTP 302
    https://www.maxbounty.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/ HTTP 302
    http://maxbounty.com/def.cfm?i=226743&o=12748&c=DE&d=D HTTP 302
    http://www.maxbounty.com/r.asp?f=0&n=32364&x=680229&z=140228 HTTP 302
    http://gate.adperia.de/10349/?token-id=&sub-id=147150&sub-id2=790737310 HTTP 302
    http://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310 HTTP 301
    https://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310 HTTP 303
    https://smartphone-gewinner.de/?redirectSessionTest=1 HTTP 303
    https://smartphone-gewinner.de/ Page URL
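The chain above is the part of this scan an analyst triages first: an e-mail click tracker hands off to a URL shortener, then to a free .tk domain, then through two affiliate networks (mb102.com/maxbounty.com and adperia.de) before landing on the prize page, which bounces through a 303 to ?redirectSessionTest=1 and back (apparently a check that the client keeps its session cookie). The Python below is an added example, not code from urlscan.io or from the site; it takes the recorded hops exactly as listed and flags plaintext hops, HTTPS-to-HTTP downgrades, the shortener and free-TLD cut-outs, same-site bounces, and the click/affiliate identifiers that survive from one domain to the next even when the parameter name changes. The shortener and free-TLD lists are small illustrative assumptions, and registrable() is a two-label approximation rather than a Public Suffix List lookup.

```python
from urllib.parse import urlsplit, parse_qsl

# Redirect chain exactly as recorded in this scan: (url, status returned by that hop);
# None marks the final document.
CHAIN = [
    ("http://clicks.aweber.com/y/ct/?l=DK_rX&m=iFerrZ8RnTSJ20M&b=ZPtxHkBUcPDsvSiMdSI8QQ", 302),
    ("https://goo.gl/x2RyqW", 301),
    ("http://digitechs.tk/", 301),
    ("http://www.mb102.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/", 302),
    ("https://www.maxbounty.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/", 302),
    ("http://maxbounty.com/def.cfm?i=226743&o=12748&c=DE&d=D", 302),
    ("http://www.maxbounty.com/r.asp?f=0&n=32364&x=680229&z=140228", 302),
    ("http://gate.adperia.de/10349/?token-id=&sub-id=147150&sub-id2=790737310", 302),
    ("http://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310", 301),
    ("https://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310", 303),
    ("https://smartphone-gewinner.de/?redirectSessionTest=1", 303),
    ("https://smartphone-gewinner.de/", None),
]

# Assumed, illustrative lists; a real tool would use a maintained shortener list and the PSL.
SHORTENERS = {"goo.gl", "bit.ly", "t.co", "tinyurl.com"}
FREE_TLDS = {"tk", "ml", "ga", "cf", "gq"}


def registrable(host):
    """Two-label approximation of the registrable domain (enough for the hosts in this chain)."""
    return ".".join(host.split(".")[-2:])


def analyze_chain(chain):
    """Annotate every hop with the properties an analyst looks for in a redirect chain."""
    hops, prev_host, prev_scheme = [], None, None
    for url, status in chain:
        u = urlsplit(url)
        host = u.hostname or ""
        flags = []
        if u.scheme == "http":
            flags.append("plaintext")
        if prev_scheme == "https" and u.scheme == "http":
            flags.append("https-to-http downgrade")
        if host in SHORTENERS:
            flags.append("url-shortener")
        if host.rsplit(".", 1)[-1] in FREE_TLDS:
            flags.append("free-tld")
        if prev_host and registrable(prev_host) == registrable(host):
            flags.append("same-site bounce")
        params = dict(parse_qsl(u.query, keep_blank_values=True))
        hops.append({"url": url, "host": host, "status": status, "params": params, "flags": flags})
        prev_host, prev_scheme = host, u.scheme
    return hops


def carried_ids(hops, min_len=4):
    """Query-string values that reappear on more than one registrable domain: the affiliate and
    click identifiers handed from network to network (the name may change, the value does not)."""
    seen = {}
    for h in hops:
        for v in h["params"].values():
            if len(v) >= min_len:
                seen.setdefault(v, set()).add(registrable(h["host"]))
    return {v: sorted(d) for v, d in seen.items() if len(d) > 1}


def summarize(chain):
    hops = analyze_chain(chain)
    return {
        "hops": len(hops),
        "distinct_sites": len({registrable(h["host"]) for h in hops}),
        "plaintext_hops": sum("plaintext" in h["flags"] for h in hops),
        "downgrades": sum("https-to-http downgrade" in h["flags"] for h in hops),
        "same_site_bounces": sum("same-site bounce" in h["flags"] for h in hops),
        "carried": carried_ids(hops),
    }


if __name__ == "__main__":
    for h in analyze_chain(CHAIN):
        print(f'{str(h["status"]):>4} {h["host"]:28} {", ".join(h["flags"]) or "-"}')
    print(summarize(CHAIN))
```

Run against this chain it reports 12 hops across 7 sites, 7 of them over plain HTTP with two HTTPS-to-HTTP downgrades, and shows that the value 226743 appears as a= on mb102.com and as both a= and i= on maxbounty.com, while sub-id=147150 and sub-id2=790737310 are passed from gate.adperia.de straight into the landing page's query string.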

26 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type / MIME-Type

Primary Request: / | smartphone-gewinner.de/
Redirect Chain
  • http://clicks.aweber.com/y/ct/?l=DK_rX&m=iFerrZ8RnTSJ20M&b=ZPtxHkBUcPDsvSiMdSI8QQ
  • https://goo.gl/x2RyqW
  • http://digitechs.tk/
  • http://www.mb102.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/
  • https://www.maxbounty.com/lnk.asp?o=12748&c=918273&a=226743&l=13146/
  • http://maxbounty.com/def.cfm?i=226743&o=12748&c=DE&d=D
  • http://www.maxbounty.com/r.asp?f=0&n=32364&x=680229&z=140228
  • http://gate.adperia.de/10349/?token-id=&sub-id=147150&sub-id2=790737310
  • http://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310
  • https://smartphone-gewinner.de/?PR_ID=AF-bounty-5367&token-id=&sub-id=147150&sub-id2=790737310
  • https://smartphone-gewinner.de/?redirectSessionTest=1
  • https://smartphone-gewinner.de/
35 KB | 7 KB | Document
General
Full URL
https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
c86eaa155c93d023515112507df9f81d447024b28f0886bc0ca8f9a3a24f650e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive

Response headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=998
Content-Length
6597
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Apr 2018 17:17:55 GMT
Server
Apache
Content-Type
text/html
Location
https://smartphone-gewinner.de/
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=999
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
styles.css | smartphone-gewinner.de/template/_media/css/ | 14 KB | 4 KB | Stylesheet
General
Full URL
https://smartphone-gewinner.de/template/_media/css/styles.css?1523450896
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
b5636b4d3f7745be25f16464d9b3802201d22e5b571e27490e68023ecf452ff1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://smartphone-gewinner.de/
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=997
Content-Length
3951
Expires
Sun, 15 Apr 2018 17:17:55 GMT
freemailer.css | smartphone-gewinner.de/template/_media/css/ | 2 KB | 1015 B | Stylesheet
General
Full URL
https://smartphone-gewinner.de/template/_media/css/freemailer.css
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
364aa7ef86129aed49327ede981f90833ce5471c330150fca478b8e706eeb82f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://smartphone-gewinner.de/
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=996
Content-Length
656
Expires
Sun, 15 Apr 2018 17:17:55 GMT
jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.11.2/ | 94 KB | 33 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
SPDY
Server
172.217.21.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f10.1e100.net
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Mon, 12 Feb 2018 20:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5087364
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35"
content-length
33495
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 20:08:31 GMT
skripte.js | smartphone-gewinner.de/template/_media/js/ | 3 KB | 2 KB | Script
General
Full URL
https://smartphone-gewinner.de/template/_media/js/skripte.js?1523450896
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
bcf870cb74b7dae5c3653e038db841555403733a73d1e98f1cc3be90b5c9abd6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://smartphone-gewinner.de/
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
1211
Expires
Sun, 15 Apr 2018 17:17:55 GMT
jquery-popunder.js | smartphone-gewinner.de/template/_media/js/ | 5 KB | 3 KB | Script
General
Full URL
https://smartphone-gewinner.de/template/_media/js/jquery-popunder.js
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
db557ccea13c20360f029644b3c175a86cd6ffbc361e4b9393921ff7384271b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://smartphone-gewinner.de/
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
2434
Expires
Sun, 15 Apr 2018 17:17:55 GMT
jquery-matchheight.js | smartphone-gewinner.de/template/_media/js/ | 11 KB | 3 KB | Script
General
Full URL
https://smartphone-gewinner.de/template/_media/js/jquery-matchheight.js
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
9aafb465a39e5ce9cdea0237c57406e0df413bf382e5064ab689f0ff5fb997a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://smartphone-gewinner.de/
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=1000
Content-Length
3033
Expires
Sun, 15 Apr 2018 17:17:55 GMT
fingerprint2.min.js | cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.0/ | 34 KB | 11 KB | Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.0/fingerprint2.min.js
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
SPDY
Server
104.19.196.102 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
13774735c1ed030c52d47a268b2a2d1bc16be14cc433c61fcfc6ee1f81a4e96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 17:17:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2017 16:31:58 GMT
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
40a75965ab409774-FRA
expires
Tue, 02 Apr 2019 17:17:55 GMT
pSSmKxqQqvrX8CYH-5Ez.js | p.k4r.de/js/ | 32 KB | 11 KB | Script
General
Full URL
https://p.k4r.de/js/pSSmKxqQqvrX8CYH-5Ez.js
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
SPDY
Server
213.238.42.215 , Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software
nginx/1.10.1 + Phusion Passenger / Phusion Passenger
Resource Hash
8e16866478a9a586815aecf48661092016e051a25ef40975ad93a39260704ae0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

x-runtime
0.005234
date
Thu, 12 Apr 2018 17:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
server
nginx/1.10.1 + Phusion Passenger
x-powered-by
Phusion Passenger
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
status
200, 200 OK
x-xss-protection
1; mode=block
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=63072000; includeSubdomains
vary
Accept-Encoding
etag
W/"e6e6afe0da21f12d69a8edcf7daa006b"
x-request-id
2972c68c-4196-4923-809f-dc377f8528da
bauer_s.png | bauer/ | 0 | 0 | (no response)
dinner-for-dogs_s.png | dinner-for-dogs/ | 0 | 0 | (no response)
kuechen-quelle_s.png | kuechen-quelle/ | 0 | 0 | (no response)
burda_direct_s.png | burda_direct/ | 0 | 0 | (no response)
burda_verlag_s.png | burda_verlag/ | 0 | 0 | (no response)
sky_s.png | sky/ | 0 | 0 | (no response)
universal_s.png | universal/ | 0 | 0 | (no response)
forme_s.png | forme/ | 0 | 0 | (no response)
victoria_s.png | victoria/ | 0 | 0 | (no response)
script.js | zadcloud.com/ | 60 KB | 25 KB | Script
General
Full URL
https://zadcloud.com/script.js?0.08333840012306304
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Server
217.70.142.110 Berlin, Germany, ASN15366 (DNSNET German Internet Service Providers, DE),
Reverse DNS
www10.web-server.biz
Software
Apache/2.4.10 (Debian) mod_fcgid/2.3.9 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t /
Resource Hash
cd1542116c511575d3d6ee590fbb87357229c6c5ac444748295783e3db33f308

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 14:03:49 GMT
Server
Apache/2.4.10 (Debian) mod_fcgid/2.3.9 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t
ETag
"f19e-5661dfab15d5a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
25228
license.44.js | zadcloud.com/ | 3 KB | 2 KB | Script
General
Full URL
https://zadcloud.com/license.44.js?0.6743227675878776
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Server
217.70.142.110 Berlin, Germany, ASN15366 (DNSNET German Internet Service Providers, DE),
Reverse DNS
www10.web-server.biz
Software
Apache/2.4.10 (Debian) mod_fcgid/2.3.9 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t /
Resource Hash
0aeb7c1e4a2b811f56bcc0ff9e085b8ae149796737bafc24369e5ce11ec6989d

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Feb 2018 14:01:35 GMT
Server
Apache/2.4.10 (Debian) mod_fcgid/2.3.9 PHP/5.6.33-0+deb8u1 OpenSSL/1.0.1t
ETag
"bfe-5661df2b90552-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1343
background.jpg | smartphone-gewinner.de/template/_media/media/style/ | 464 B | 779 B | Image
General
Full URL
https://smartphone-gewinner.de/template/_media/media/style/background.jpg
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
720400c04e6c298225d49029ba7824af2a17204d8a3854bc2ca34d350f309fb7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://smartphone-gewinner.de/template/_media/css/styles.css?1523450896
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
464
Expires
Thu, 26 Apr 2018 17:17:55 GMT
btn-weiter_v2.png | smartphone-gewinner.de/template/_media/media/style/ | 9 KB | 9 KB | Image
General
Full URL
https://smartphone-gewinner.de/template/_media/media/style/btn-weiter_v2.png
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
a38f6136713bf5fea0ca8508f63c611705f5a23aecf8e8a7209a2845dc295834

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://smartphone-gewinner.de/template/_media/css/styles.css?1523450896
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
9365
Expires
Thu, 26 Apr 2018 17:17:55 GMT
fallback_v2.png | smartphone-gewinner.de/template/_media/media/style/ | 171 KB | 171 KB | Image
General
Full URL
https://smartphone-gewinner.de/template/_media/media/style/fallback_v2.png
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
267e1bcc71ae318dffc80891751d73fc97d0b22abfed016e4715773b422ab139

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://smartphone-gewinner.de/template/_media/css/styles.css?1523450896
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=999
Content-Length
175184
Expires
Thu, 26 Apr 2018 17:17:55 GMT
80_proz_000.png | smartphone-gewinner.de/template/_media/media/style/ | 68 B | 381 B | Image
General
Full URL
https://smartphone-gewinner.de/template/_media/media/style/80_proz_000.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.3.41.66 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
c215lb.kasserver.com
Software
Apache /
Resource Hash
e1720f83834957d6b9af15aeaff99ecdcade5d182f7ee199c975b11bd4be39d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://smartphone-gewinner.de/template/_media/css/styles.css?1523450896
Cookie
PHPSESSID=1beabfd22b68a0936cb5857580e965bb
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 12 Apr 2018 17:17:55 GMT
Last-Modified
Wed, 11 Apr 2018 12:48:16 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=998
Content-Length
68
Expires
Thu, 26 Apr 2018 17:17:55 GMT
set_fp_hash | p.k4r.de/ | 43 B | 607 B | Image
General
Full URL
https://p.k4r.de/set_fp_hash?fp_hash=8180b48ef65201425ef37f325465bad6
Requested by
Host: smartphone-gewinner.de
URL: https://smartphone-gewinner.de/
Protocol
SPDY
Server
213.238.42.215 , Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software
nginx/1.10.1 + Phusion Passenger / Phusion Passenger
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://smartphone-gewinner.de/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 12 Apr 2018 17:17:55 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-powered-by
Phusion Passenger
status
200, 200 OK
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
a6d9f223-d936-43ed-89e6-a7a8105fafea
x-runtime
0.003109
server
nginx/1.10.1 + Phusion Passenger
x-frame-options
SAMEORIGIN
etag
W/"720db3d3342e33edd1e244c53a0ff742"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
image/gif
cache-control
private
save_finger_print | p.k4r.de/ | 4 B | 616 B | XHR
General
Full URL
https://p.k4r.de/save_finger_print
Requested by
Host: p.k4r.de
URL: https://p.k4r.de/js/pSSmKxqQqvrX8CYH-5Ez.js
Protocol
SPDY
Server
213.238.42.215 , Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software
nginx/1.10.1 + Phusion Passenger / Phusion Passenger
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://smartphone-gewinner.de/
Origin
https://smartphone-gewinner.de
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 12 Apr 2018 17:17:56 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-powered-by
Phusion Passenger
status
200, 200 OK
vary
Accept-Encoding
access-control-request-method
*
x-request-id
9d6db37f-830d-420c-af9f-73b7fda3e519
x-runtime
0.016474
server
nginx/1.10.1 + Phusion Passenger
x-frame-options
SAMEORIGIN
etag
W/"90ef8697d48a3806d98ee619892b7b61"
strict-transport-security
max-age=63072000; includeSubdomains
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=0, private, must-revalidate

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

Domain | URL
bauer | https://bauer/bauer_s.png
dinner-for-dogs | https://dinner-for-dogs/dinner-for-dogs_s.png
kuechen-quelle | https://kuechen-quelle/kuechen-quelle_s.png
burda_direct | https://burda_direct/burda_direct_s.png
burda_verlag | https://burda_verlag/burda_verlag_s.png
sky | https://sky/sky_s.png
universal | https://universal/universal_s.png
forme | https://forme/forme_s.png
victoria | https://victoria/victoria_s.png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function: $, jQuery, SliderTimer, transition, setCampaignValue, getCampaignValue, loadScript, I3yy, E4vv, Fingerprint2, retry, isIE10OrLater, detectPrivateMode, UAParser, MmpTracking
object: jQuery111208064027370822946, BetterJsPop, iframe, image_tag, fp, jsv, values, keys
string: base, finger_print_hash, iframe_ls_token, private_browsing, hash
undefined: t

4 Cookies

Domain/Path | Name | Value
.p.k4r.de/ | mmpfp_hash | 8180b48ef65201425ef37f325465bad6
.k4r.de/ | p_k4r_de | 570d73ef2c3853d48d44cdc288616eea
smartphone-gewinner.de/ | mmpfp_hash | 8180b48ef65201425ef37f325465bad6
smartphone-gewinner.de/ | PHPSESSID | 1beabfd22b68a0936cb5857580e965bb
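Read together, the globals (Fingerprint2, detectPrivateMode, private_browsing, BetterJsPop, MmpTracking) and the cookies show what the landing page does beyond displaying a prize form: it loads fingerprintjs2 from cdnjs, computes a device fingerprint, and hands it to p.k4r.de. The same 32-hex value, 8180b48ef65201425ef37f325465bad6, sits in the first-party mmpfp_hash cookie, in the .p.k4r.de cookie, and in the fp_hash parameter of the set_fp_hash image request, with a follow-up XHR POST to /save_finger_print. The Python below is an added example, not code from urlscan.io or from the page; it takes the cookies, third-party transactions and globals copied from this report and extracts the cross-site identifier sync, the third-party tracking pixel and the globals that point at fingerprinting, private-mode detection and pop-unders. The keyword-to-label mapping in SUSPECT_GLOBALS is my own assumption, and site_of() is a two-label approximation rather than a Public Suffix List lookup.

```python
from urllib.parse import urlsplit, parse_qsl

PAGE_SITE = "smartphone-gewinner.de"

# Cookies as listed in this report: (domain, name, value)
COOKIES = [
    (".p.k4r.de", "mmpfp_hash", "8180b48ef65201425ef37f325465bad6"),
    (".k4r.de", "p_k4r_de", "570d73ef2c3853d48d44cdc288616eea"),
    ("smartphone-gewinner.de", "mmpfp_hash", "8180b48ef65201425ef37f325465bad6"),
    ("smartphone-gewinner.de", "PHPSESSID", "1beabfd22b68a0936cb5857580e965bb"),
]

# Third-party transactions from this report: (url, resource type)
REQUESTS = [
    ("https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/1.5.0/fingerprint2.min.js", "Script"),
    ("https://p.k4r.de/js/pSSmKxqQqvrX8CYH-5Ez.js", "Script"),
    ("https://p.k4r.de/set_fp_hash?fp_hash=8180b48ef65201425ef37f325465bad6", "Image"),
    ("https://p.k4r.de/save_finger_print", "XHR"),
    ("https://zadcloud.com/script.js?0.08333840012306304", "Script"),
]

# A subset of the window globals the scanner enumerated
GLOBALS = ["Fingerprint2", "detectPrivateMode", "finger_print_hash", "private_browsing",
           "BetterJsPop", "MmpTracking", "iframe_ls_token", "UAParser", "jQuery"]

# Assumed mapping from name fragments to what such globals usually indicate
SUSPECT_GLOBALS = {
    "fingerprint": "device fingerprinting",
    "finger_print": "device fingerprinting",
    "privatemode": "private-browsing detection",
    "private_browsing": "private-browsing detection",
    "pop": "pop-under / pop-up",
    "tracking": "tracking",
    "uaparser": "user-agent parsing",
}


def site_of(host):
    """Two-label approximation of the registrable domain (not a PSL lookup)."""
    return ".".join(host.lstrip(".").split(".")[-2:])


def synced_ids(cookies, requests, page_site):
    """Values stored as first-party cookies that also travel in a request to another site."""
    first_party = {v: n for d, n, v in cookies if site_of(d) == page_site}
    hits = {}
    for url, _ in requests:
        u = urlsplit(url)
        if site_of(u.hostname) == page_site:
            continue
        tokens = [v for _, v in parse_qsl(u.query)] + u.path.split("/")
        for t in tokens:
            if t in first_party:
                hits.setdefault(t, []).append((first_party[t], u.hostname))
    return hits


def tracking_pixels(requests, page_site):
    """Image loads from other sites that carry a query string: the classic beacon shape."""
    return [url for url, kind in requests
            if kind == "Image" and urlsplit(url).query
            and site_of(urlsplit(url).hostname) != page_site]


def flag_globals(names):
    found = {}
    for n in names:
        low = n.lower()
        for frag, label in SUSPECT_GLOBALS.items():
            if frag in low:
                found[n] = label
    return found


def audit(cookies, requests, globals_, page_site):
    return {
        "synced_ids": synced_ids(cookies, requests, page_site),
        "pixels": tracking_pixels(requests, page_site),
        "globals": flag_globals(globals_),
        "third_party_sites": sorted({site_of(urlsplit(u).hostname) for u, _ in requests
                                     if site_of(urlsplit(u).hostname) != page_site}),
    }


if __name__ == "__main__":
    import json
    print(json.dumps(audit(COOKIES, REQUESTS, GLOBALS, PAGE_SITE), indent=2))
```

The check that matters most is synced_ids(): a first-party cookie value showing up verbatim in a request to a different site is the signature of an identifier being synced to a tracker, and it works without knowing anything about the tracker's script. Note that PHPSESSID is not flagged, since it never leaves smartphone-gewinner.de.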

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bauer
burda_direct
burda_verlag
cdnjs.cloudflare.com
clicks.aweber.com
digitechs.tk
dinner-for-dogs
forme
gate.adperia.de
goo.gl
kuechen-quelle
maxbounty.com
p.k4r.de
sky
smartphone-gewinner.de
universal
victoria
www.maxbounty.com
www.mb102.com
zadcloud.com
104.19.196.102
108.167.182.245
172.217.21.234
185.3.41.66
204.194.222.24
213.238.42.215
216.58.214.110
217.70.142.110
69.172.200.185
89.191.66.193