4446839.catchtheclick.com

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 116.202.159.170, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is 4446839.catchtheclick.com.
TLS certificate: Issued by R3 on January 8th 2024. Valid for: 3 months.

This is the only time 4446839.catchtheclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	144.76.30.234 144.76.30.234	24940 (HETZNER-AS) (HETZNER-AS)
1	116.202.159.170 116.202.159.170	24940 (HETZNER-AS) (HETZNER-AS)
1	94.237.90.104 94.237.90.104	202053 (UPCLOUD) (UPCLOUD)
4	3

3 144.76.30.234 (Dottingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.234.30.76.144.clients.your-server.de

qua.rt-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.159.170 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.170.159.202.116.clients.your-server.de

4446839.catchtheclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.90.104 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-90-104.de-fra1.upcloud.host

1d6170ac978.traffic-c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	rt-redirect.com 1 redirects qua.rt-redirect.com	18 KB
1	traffic-c.com 1d6170ac978.traffic-c.com
1	catchtheclick.com 4446839.catchtheclick.com	756 B
4	3

	Domain	Requested by
3	qua.rt-redirect.com	1 redirects
1	1d6170ac978.traffic-c.com	4446839.catchtheclick.com
1	4446839.catchtheclick.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
qua.rt-redirect.com R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.catchtheclick.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
traffic-c.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh

This page contains 1 frames:

Frame: https://1d6170ac978.traffic-c.com/?p=5929&media_type=mainstream&click_id=Iii-SMPIgOiH66mLbIdxZioXMqNBU47ljXTXQHNiIkaKilVKuOONp9HHjtAXL0VFo9bJn9O2NvDxBxUwPja4ag&pi=3198-u34j45u9gt
Frame ID: E778EFF68A47FF11B23756905B5F3090
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Surfing Clicks

Page URL History Show full URLs

https://qua.rt-redirect.com/sl/shiphyx0 HTTP 302
https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c Page URL
https://4446839.catchtheclick.com/?mob=JfQwZrPH-b-6w7LQ2zmiUHnjeMHcOgijJXW002cMC0YDFVVz1-Uh0cA0IvAKYdcGHKZePq2... Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

18 kB
Transfer

20 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://qua.rt-redirect.com/sl/shiphyx0 HTTP 302
https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c Page URL
https://4446839.catchtheclick.com/?mob=JfQwZrPH-b-6w7LQ2zmiUHnjeMHcOgijJXW002cMC0YDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=74974a636ab6be67197216971ce78656 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://qua.rt-redirect.com/sl/shiphyx0 HTTP 302
https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	shiphyx0 qua.rt-redirect.com/sl/ Redirect Chain https://qua.rt-redirect.com/sl/shiphyx0 https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c	4 KB 2 KB	124ms 123ms	Document text/html	144.76.30.234 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 144.76.30.234 Dottingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.234.30.76.144.clients.your-server.de Software nginx/1.24.0 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 29 Mar 2024 22:30:06 GMT Expires 0 Pragma no-cache Server nginx/1.24.0 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/html;charset=UTF-8 Date Fri, 29 Mar 2024 22:30:06 GMT Expires 0 Location https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c Pragma no-cache Server nginx/1.24.0 Transfer-Encoding chunked
GET H/1.1	200 OK	Primary Request / Show response 4446839.catchtheclick.com/	1 KB 756 B	570ms 325ms	Document text/html	116.202.159.170 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://4446839.catchtheclick.com/?mob=JfQwZrPH-b-6w7LQ2zmiUHnjeMHcOgijJXW002cMC0YDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=74974a636ab6be67197216971ce78656 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 116.202.159.170 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.170.159.202.116.clients.your-server.de Software nginx/1.16.1 (Ubuntu) / Resource Hash `5ff3929899e8ea940f97b60f9645e1774bb5c4dcfaeba3f10a489d6fca1e3cbb` Request headers Referer https://qua.rt-redirect.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 29 Mar 2024 22:30:06 GMT Server nginx/1.16.1 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	favicon.ico qua.rt-redirect.com/	15 KB 15 KB	241ms 240ms	Other image/x-icon	144.76.30.234 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://qua.rt-redirect.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 144.76.30.234 Dottingen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.234.30.76.144.clients.your-server.de Software nginx/1.24.0 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://qua.rt-redirect.com/sl/shiphyx0?short_code=nc7c accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 29 Mar 2024 22:30:06 GMT Last-Modified Fri, 05 May 2023 06:01:01 GMT Server nginx/1.24.0 ETag "64549b9d-3c2e" Content-Type image/x-icon Connection keep-alive Accept-Ranges bytes Content-Length 15406
GET H2	204	/ 1d6170ac978.traffic-c.com/	0 0	568ms 122ms	Document text/html	94.237.90.104 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://1d6170ac978.traffic-c.com/?p=5929&media_type=mainstream&click_id=Iii-SMPIgOiH66mLbIdxZioXMqNBU47ljXTXQHNiIkaKilVKuOONp9HHjtAXL0VFo9bJn9O2NvDxBxUwPja4ag&pi=3198-u34j45u9gt Requested by Host: 4446839.catchtheclick.com URL: https://4446839.catchtheclick.com/?mob=JfQwZrPH-b-6w7LQ2zmiUHnjeMHcOgijJXW002cMC0YDFVVz1-Uh0cA0IvAKYdcGHKZePq2lYxzxgBIkrpMzTg&clickid=74974a636ab6be67197216971ce78656 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.237.90.104 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-90-104.de-fra1.upcloud.host Software / Resource Hash Request headers Referer https://4446839.catchtheclick.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-type text/html; charset=UTF-8 date Fri, 29 Mar 2024 22:30:07 GMT x-traffic-status BISP

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
qua.rt-redirect.com/	1970-01-20 21:38:47	Name: user_key Value: 1719527406%7CNjEzZWY0ZGI0MmIyNTlmYTY0YzQ4M2VjYjM2MTMwNWM%3D%7C9770fbe39619ed9e443cd638da0326aca059d241
qua.rt-redirect.com/	1970-01-20 19:29:54	Name: visited.shiphyx0 Value: 1711794606%7CYToxOntpOjI0NTA7aToxO30%3D%7C6f850576f64d2f90f27980b57e467bd30694733b
qua.rt-redirect.com/	1970-01-20 19:29:54	Name: visited_time.shiphyx0 Value: 1711794606%7CMTcxMTc5NDYwNg%3D%3D%7Cca611f80b01992434aa49890fd9f1bb94ea853d8
qua.rt-redirect.com/	1970-01-20 19:30:37	Name: tracking.1.shiphyx0 Value: 1711837806%7CMQ%3D%3D%7C9b34b293bd00228a9dbd6c7b42c806616be527aa
qua.rt-redirect.com/	1970-01-20 19:33:30	Name: tracking.1.shiphyx0-2450 Value: 1712010606%7CMQ%3D%3D%7C0d165181fea9d0ea17a2f697b1ee62f6938976c4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6170ac978.traffic-c.com
4446839.catchtheclick.com
qua.rt-redirect.com
116.202.159.170
144.76.30.234
94.237.90.104
5ff3929899e8ea940f97b60f9645e1774bb5c4dcfaeba3f10a489d6fca1e3cbb

4446839.catchtheclick.com Open in urlscan Pro 116.202.159.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

18 kBTransfer

20 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

4446839.catchtheclick.com Open in urlscan Pro
116.202.159.170 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

18 kB
Transfer

20 kB
Size

5
Cookies

4 HTTP transactions
0 data transactions