www.winzentsen.de Open in urlscan Pro
213.238.33.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gradomet.si/#dFFS.sgfsing.gggs@asml.com
Effective URL:
http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30...
Submission: On February 03 via manual (February 3rd 2020, 1:20:33 pm UTC) from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 213.238.33.166, located in Hamburg, Germany and belongs to WORK-AS N@work Internet Informationssysteme GmbH, DE. The main domain is www.winzentsen.de.

This is the only time www.winzentsen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	212.44.102.145 212.44.102.145	43128 (DHH-AS) (DHH-AS)
1 10	213.238.33.166 213.238.33.166	9211 (WORK-AS N...) (WORK-AS N@work Internet Informationssysteme GmbH)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
11	3

1 212.44.102.145 (Slovenia)

ASN43128 (DHH-AS, SI)
PTR: rcp-10.controlpanel.si

gradomet.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 213.238.33.166 (Hamburg, Germany) 1 redirects

ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE)

www.winzentsen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	winzentsen.de 1 redirects www.winzentsen.de	591 KB
1	googleapis.com fonts.googleapis.com	1003 B
1	gradomet.si gradomet.si	1 KB
11	3

	Domain	Requested by
10	www.winzentsen.de	1 redirects gradomet.si www.winzentsen.de
1	fonts.googleapis.com	www.winzentsen.de
1	gradomet.si
11	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Frame ID: 1C3BDACA62125FAD1112123BB8555403
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gradomet.si/ Page URL
http://www.winzentsen.de/wp-content/languages/themes/files/?e=dFFS.sgfsing.gggs@asml.com HTTP 302
http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A1580736... Page URL

Page Statistics

11
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

593 kB
Transfer

740 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gradomet.si/ Page URL
http://www.winzentsen.de/wp-content/languages/themes/files/?e=dFFS.sgfsing.gggs@asml.com HTTP 302
http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
gradomet.si/ 845 B
1 KB 712ms
631ms Document
text/html 212.44.102.145
DHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gradomet.si/
Protocol: HTTP/1.1
Server: 212.44.102.145 , Slovenia, ASN43128 (DHH-AS, SI),
Reverse DNS: rcp-10.controlpanel.si
Software: Apache / PHP/5.6.40
Resource Hash: af1f34576bc1f9a06ce34cc4e920d3e2972daee73975817ce88a21c8e000e38a

Request headers

Host: gradomet.si
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:13 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Content-Length: 845
Content-Type: text/html; charset=UTF-8
Set-Cookie: PH_HPXY_CHECK=s1; path=/
Cache-control: private

GET
H/1.1

200
OK

Primary Request 4x7drfdl3u57vth6ay1cci97.php Show response
www.winzentsen.de/wp-content/languages/themes/files/
Redirect Chain

http://www.winzentsen.de/wp-content/languages/themes/files/?e=dFFS.sgfsing.gggs@asml.com
http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea...

8 KB
2 KB

35ms
35ms

Document
text/html

213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Requested by: Host: gradomet.si
URL: http://gradomet.si/
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 1601ed41bb782e6c8528893ef671422d9fcb11ef5cbabc582a5382a3db28e707

Request headers

Host: www.winzentsen.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://gradomet.si/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://gradomet.si/

Response headers

Date: Mon, 03 Feb 2020 13:20:14 GMT
Server: Apache/2.4.10 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1939
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Mon, 03 Feb 2020 13:20:14 GMT
Server: Apache/2.4.10 (Debian)
location: 4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ga_003.js Show response
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 42 KB
16 KB 35ms
35ms Script
application/javascript 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/ga_003.js
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "a84a-59d5676cd4aa9-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16042

GET
H/1.1 200
OK ga_002.js Show response
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 42 KB
16 KB 73ms
57ms Script
application/javascript 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/ga_002.js
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "a84a-59d5676cd2782-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16042

GET
H/1.1 200
OK ga.js Show response
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 42 KB
16 KB 36ms
35ms Script
application/javascript 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/ga.js
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: 4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "a84a-59d5676cd2782-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 16042

GET
H/1.1 200
OK jquery.js Show response
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 94 KB
33 KB 75ms
59ms Script
application/javascript 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/jquery.js
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "1787d-59d5676cd8541-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 33369

GET
H/1.1 200
OK jquery_popup.css
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 2 KB
1 KB 69ms
54ms Stylesheet
text/css 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/jquery_popup.css
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: b1dbe2cdf1aff375b2420bd518650d07a6614455528e2f9400c99a74e4b57dc0

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "8b7-59d5676cd8541-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 749

GET
H/1.1 200
OK jquery_popup.js Show response
www.winzentsen.de/wp-content/languages/themes/files/login_data/ 2 KB
907 B 74ms
58ms Script
application/javascript 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/jquery_popup.js
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: cc9fcc5704f38ab13ae1e696fd45ace331092435101ab4a0f186aabca19bd230

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 07:32:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "70f-59d5676cd8541-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 557

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1003 B 22ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Fauna+One|Muli

Requested by

Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d36a44abde0e8247dc873b5fe61a045bb14d0065ebfc2e3e769c3cb72c6c461a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Feb 2020 13:20:15 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Mon, 03 Feb 2020 13:20:15 GMT

GET
H/1.1 200
OK aachht.png
www.winzentsen.de/wp-content/languages/themes/files/ 490 KB
490 KB 33ms
33ms Image
image/png 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/aachht.png
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/jquery.js
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: a74d446217828c855dcba39ec425b267aeb6d049e12e7302af46be7dd46575b3

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Last-Modified: Thu, 30 Jan 2020 07:32:31 GMT
Server: Apache/2.4.10 (Debian)
ETag: "7a84d-59d5675c057a9"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 501837

GET
H/1.1 200
OK aadsfre.png
www.winzentsen.de/wp-content/languages/themes/files/ 15 KB
15 KB 33ms
33ms Image
image/png 213.238.33.166
WORK-AS N@work In...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.winzentsen.de/wp-content/languages/themes/files/aadsfre.png
Requested by: Host: www.winzentsen.de
URL: http://www.winzentsen.de/wp-content/languages/themes/files/login_data/jquery.js
Protocol: HTTP/1.1
Server: 213.238.33.166 Hamburg, Germany, ASN9211 (WORK-AS N@work Internet Informationssysteme GmbH, DE),
Reverse DNS
Software: Apache/2.4.10 (Debian) /
Resource Hash: cc315e8d8b228ee0ea309a24718c08d3da2c0d154d259e65647cd50dd87c6e4d

Request headers

Referer: http://www.winzentsen.de/wp-content/languages/themes/files/4x7drfdl3u57vth6ay1cci97.php?DG6b6A15807360141702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea4891702984d29dac5d30d8fc7ba21fea489&e=dFFS.sgfsing.gggs@asml.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Mon, 03 Feb 2020 13:20:15 GMT
Last-Modified: Thu, 30 Jan 2020 07:32:31 GMT
Server: Apache/2.4.10 (Debian)
ETag: "3c77-59d5675c05b91"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 15479

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
gradomet.si
www.winzentsen.de
212.44.102.145
213.238.33.166
2a00:1450:4001:81b::200a
1601ed41bb782e6c8528893ef671422d9fcb11ef5cbabc582a5382a3db28e707
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
a74d446217828c855dcba39ec425b267aeb6d049e12e7302af46be7dd46575b3
af1f34576bc1f9a06ce34cc4e920d3e2972daee73975817ce88a21c8e000e38a
b1dbe2cdf1aff375b2420bd518650d07a6614455528e2f9400c99a74e4b57dc0
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
cc315e8d8b228ee0ea309a24718c08d3da2c0d154d259e65647cd50dd87c6e4d
cc9fcc5704f38ab13ae1e696fd45ace331092435101ab4a0f186aabca19bd230
d36a44abde0e8247dc873b5fe61a045bb14d0065ebfc2e3e769c3cb72c6c461a

www.winzentsen.de Open in urlscan Pro 213.238.33.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

11 Requests

0 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

593 kBTransfer

740 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

www.winzentsen.de Open in urlscan Pro
213.238.33.166 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

593 kB
Transfer

740 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions