URL: https://windamazonen.de/
Submission Tags: @phishunt_io
Submission: On October 29 via api from ES

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 2003:2:2:15:80:150:6:143, located in Germany and belongs to DTAG Internet service provider operations, DE. The main domain is windamazonen.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 29th 2020. Valid for: 3 months.
This is the only time windamazonen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
4         2003:2:2:15:8...   3320   (DTAG Inte...)
16        2003:2:2:15:8...   3320   (DTAG Inte...)
1         13.35.253.170      16509  (AMAZON-02)
1         2a00:1450:400...   15169  (GOOGLE)
2         2a00:1450:400...   15169  (GOOGLE)
24        6 IPs

Requests  Domain                         Requested by
16        homepagedesigner.telekom.de    windamazonen.de, homepagedesigner.telekom.de
4         windamazonen.de                windamazonen.de
2         fonts.gstatic.com              fonts.googleapis.com
1         fonts.googleapis.com           windamazonen.de
1         d5mv4w6u6ab0j.cloudfront.net   windamazonen.de
24        5 domains

This site contains no links.

Subject                       Issuer                          Validity                   Valid     Lookup
windamazonen.de               Let's Encrypt Authority X3      2020-10-29 - 2021-01-27    3 months  crt.sh
homepagedesigner.telekom.de   TeleSec ServerPass Class 2 CA   2019-08-07 - 2021-08-12    2 years   crt.sh
*.cloudfront.net              DigiCert Global CA G2           2020-05-26 - 2021-04-21    a year    crt.sh
upload.video.google.com       GTS CA 1O1                      2020-10-06 - 2020-12-29    3 months  crt.sh
*.gstatic.com                 GTS CA 1O1                      2020-10-06 - 2020-12-29    3 months  crt.sh

This page contains 2 frames:

Primary Page: https://windamazonen.de/
Frame ID: 8B3835F0DF64FB5EEB3C375DDACFB37D
Requests: 24 HTTP requests in this frame

Frame: data://truncated
Frame ID: CB512DEADB52F21A879B8E65B2BF11B0
Requests: 1 HTTP requests in this frame

Screenshot


Page Statistics

Requests:    24
HTTPS:       100 %
IPv6:        80 %
Domains:     5
Subdomains:  5
IPs:         6
Countries:   2
Transfer:    1326 kB
Size:        1647 kB
Cookies:     1

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
windamazonen.de/
15 KB
16 KB
Document
General
Full URL
https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:15:80:150:6:143 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
d2c0ad484726ec01b8e9d447e4ffdb5d7bf799e71fc4ff759e431975ec50f94d

Request headers

Host
windamazonen.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

transfer-encoding
chunked
cache-control
no-store
content-type
text/html; charset=utf-8
date
Thu, 29 Oct 2020 19:52:33 GMT
p3p
CP="CAO PSA OUR"
server
CM4all Webserver
set-cookie
sidc183=b618ec6a2444a0aeb9d8611c1994ab15; HttpOnly; Path=/; Version=1; Discard
beng-proxy.js
homepagedesigner.telekom.de/cm4all-beng-proxy/
2 KB
2 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/cm4all-beng-proxy/beng-proxy.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
e287664dfec9e482a44dc2fdb0dde1b2c1a951e9e58aa88ad297d80a350cd5cc

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
last-modified
Wed, 09 Sep 2020 21:14:33 GMT
server
CM4all Webserver
etag
"fd00-5d2ee-5f5945b9"
content-type
application/javascript
accept-ranges
bytes
content-length
2049
expires
Fri, 30 Oct 2020 19:52:33 GMT
font-awesome.min.css
d5mv4w6u6ab0j.cloudfront.net/pool/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://d5mv4w6u6ab0j.cloudfront.net/pool/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.170 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-170.fra6.r.cloudfront.net
Software
nginx/1.17.7 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 29 Oct 2020 08:59:28 GMT
Content-Encoding
gzip
Age
39185
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 01 Feb 2017 15:02:47 GMT
Server
nginx/1.17.7
ETag
W/"7918-159fa330dd8"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Cache-Control
no-transform,public,max-age=86400,s-maxage=86400
X-Amz-Cf-Pop
FRA6-C1
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
Hk06pp0DfKRsa65sQKUiQr_ypS3HmmNUolUrcvOP6U3Ds3KDwikjTA==
Expires
Fri, 30 Oct 2020 08:59:28 GMT
popup-guistrap.css
homepagedesigner.telekom.de/res/js/lib/css/
707 B
533 B
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/res/js/lib/css/popup-guistrap.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
de4460799d4aebe60c52865412fa3a1c782a3060a259a0c7f4213ba838c5a21a

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:33 GMT
server
CM4all Webserver
etag
"fd00-9e43a-5ef1fd2d"
vary
accept-encoding
content-type
text/css
content-length
244
expires
Fri, 30 Oct 2020 19:52:33 GMT
widget-runtime.css
homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/css/widget-runtime.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
6c02076c636842d4e87294dcc601dd02e893359e520d484c970be8570138bb96

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:28 GMT
server
CM4all Webserver
etag
"fd00-9e46f-5ef1fd28"
vary
accept-encoding
content-type
text/css
content-length
1079
expires
Fri, 29 Oct 2021 19:52:33 GMT
deploy.css
homepagedesigner.telekom.de/.cm4all/res/static/beng-editor/2.15.149/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/beng-editor/2.15.149/css/deploy.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
de3164b5afa957f5a0f60bc28977850a90211c7456187fe2229521761b0045ca

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 11:48:43 GMT
server
CM4all Webserver
etag
"fd00-9e5a8-5f576f9b"
vary
accept-encoding
content-type
text/css
content-length
2761
expires
Fri, 29 Oct 2021 19:52:33 GMT
slideshow-common.css
homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/css/
17 KB
2 KB
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/css/slideshow-common.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
624b65fa03b65d0da5873922f532c11aeae0e42d30c9471e90cd1961449650b2

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:30 GMT
server
CM4all Webserver
etag
"fd00-9e484-5ef1fd2a"
vary
accept-encoding
content-type
text/css
content-length
1363
expires
Fri, 29 Oct 2021 19:52:33 GMT
jquery.js
homepagedesigner.telekom.de/.cm4all/res/static/jquery-1.7/
137 KB
40 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/jquery-1.7/jquery.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
56abf31f631b74be22fea7510b8f3779d3a2b348792aaf31d119d9650b0e75cd

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Thu, 11 Jan 2018 14:38:20 GMT
server
CM4all Webserver
etag
"9723af289061e4ef64b1046190459b15"
vary
accept-encoding
content-type
application/javascript
content-length
40314
expires
Fri, 29 Oct 2021 19:52:33 GMT
prototype.js
homepagedesigner.telekom.de/.cm4all/res/static/prototype-1.7.3/
104 KB
34 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/prototype-1.7.3/prototype.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
01e357c0de5e4fa6794d670972472a4bde4a3a4c51d5aeb3f8d558df49ced157

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2017 11:41:30 GMT
server
CM4all Webserver
etag
"dbe3e04290c71b72eb1e7c864bb86d94"
vary
accept-encoding
content-type
application/javascript
content-length
34085
expires
Fri, 29 Oct 2021 19:52:33 GMT
legacy.js
homepagedesigner.telekom.de/.cm4all/res/static/jslib/1.0.2/js/
30 KB
10 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/jslib/1.0.2/js/legacy.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
6cf492ba858d854bfaab819168dc6ace00ec7fe363685b46cf9bf11eea5ea098

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 03 Mar 2020 10:24:18 GMT
server
CM4all Webserver
etag
"fd00-7f79a-5e5e3052"
vary
accept-encoding
content-type
application/javascript
content-length
9648
expires
Fri, 29 Oct 2021 19:52:33 GMT
widget-runtime.js
homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/js/
62 KB
18 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/js/widget-runtime.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
c30dca9f44f9a8cf4222c156b7e1958d1278e22fa3c1d587416c21fa21db8720

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:29 GMT
server
CM4all Webserver
etag
"fd00-9e471-5ef1fd29"
vary
accept-encoding
content-type
application/javascript
content-length
18425
expires
Fri, 29 Oct 2021 19:52:33 GMT
slideshow-common.js
homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/js/
20 KB
6 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/libcm4all-js-widget/3.85.41/js/slideshow-common.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
43cabce3f49eb415b0d568debee757c0f900691614e4df8a32dec1f0cf7993e5

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:31 GMT
server
CM4all Webserver
etag
"fd00-9e486-5ef1fd2b"
vary
accept-encoding
content-type
application/javascript
content-length
6217
expires
Fri, 29 Oct 2021 19:52:33 GMT
deploy.js
homepagedesigner.telekom.de/.cm4all/res/static/beng-editor/2.15.149/js/
14 KB
4 KB
Script
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/res/static/beng-editor/2.15.149/js/deploy.js
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
fc7e779398bda4dc0c05704afe238b249a6f234181a249e3c5b79dc0af9e6064

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 08 Sep 2020 11:48:43 GMT
server
CM4all Webserver
etag
"fd00-9e5b6-5f576f9b"
vary
accept-encoding
content-type
application/javascript
content-length
3957
expires
Fri, 29 Oct 2021 19:52:33 GMT
main.css
homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/main.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
0c29b927b6f1e5447de2c0edd7ce83a65b84732177947d4afb000aba1f41b60a

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:57:42 GMT
server
CM4all Webserver
etag
"2a-72321b8-5dc18de6"
vary
accept-encoding
content-type
text/css
content-length
1940
expires
Fri, 29 Oct 2021 19:52:33 GMT
vars.css
windamazonen.de/.cm4all/handler.php/
20 KB
20 KB
Stylesheet
General
Full URL
https://windamazonen.de/.cm4all/handler.php/vars.css?v=
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:15:80:150:6:143 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
4c770e816171730c456730b53db73df6331ac39754c0a7d031d3864e3d1a6c01

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
last-modified
Sun, 05 Mar 2017 19:10:17 GMT
server
CM4all Webserver
accept-ranges
bytes
etag
"036-4464d8f-58bc6299"
content-length
20666
content-type
text/css
15a9b30de59
homepagedesigner.telekom.de/imageprocessor/processor.cls/CMTOI/cm4all/com/widgets/PhotoToi/17/26/12/61/15a9b30de59/scale_363_0%3Bdonotenlarge/
73 KB
73 KB
Image
General
Full URL
https://homepagedesigner.telekom.de/imageprocessor/processor.cls/CMTOI/cm4all/com/widgets/PhotoToi/17/26/12/61/15a9b30de59/scale_363_0%3Bdonotenlarge/15a9b30de59
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
5342d4ecaadf8be2b716574a9725d51a38e536043335e2c0f6a26a137b5da6d0

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:33 GMT
last-modified
Sat, 04 Mar 2017 21:19:15 GMT
server
CM4all Webserver
transfer-encoding
chunked
content-type
image/jpeg
css
fonts.googleapis.com/
2 KB
530 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Elsie:regular,900
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/.cm4all/handler.php/vars.css?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a2c14e54094881e9790ff2f5a27a1576008fca7b3ea119b38f956a3e7740082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://windamazonen.de/.cm4all/handler.php/vars.css?v=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Oct 2020 19:52:33 GMT
server
ESF
date
Thu, 29 Oct 2020 19:52:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Oct 2020 19:52:33 GMT
bif_39651412_cm-a.jpg
windamazonen.de/.cm4all/sysdb/backgrounds/images/
124 KB
124 KB
Image
General
Full URL
https://windamazonen.de/.cm4all/sysdb/backgrounds/images/bif_39651412_cm-a.jpg
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/.cm4all/handler.php/vars.css?v=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:15:80:150:6:143 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
f36ee2e83bec4da9341d9b3081534f6e20fb1d0d147eaaace93c5dfa9404aaf5

Request headers

Referer
https://windamazonen.de/.cm4all/handler.php/vars.css?v=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:34 GMT
last-modified
Sun, 05 Mar 2017 19:10:17 GMT
server
CM4all Webserver
etag
"036-4a87114-58bc6299"
content-type
image/jpg
accept-ranges
bytes
content-length
126734
expires
Fri, 30 Oct 2020 19:52:34 GMT
overview-bg-top.png
homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/img/
98 KB
98 KB
Image
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/img/overview-bg-top.png
Requested by
Host: homepagedesigner.telekom.de
URL: https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
cdbf5829fdaf122182e1b9006206e27f222322de75db5b56509536b93c6a8851

Request headers

Referer
https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:34 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:57:42 GMT
server
CM4all Webserver
etag
"2a-72321b6-5dc18de6"
vary
accept-encoding
content-type
image/png
content-length
99761
expires
Fri, 29 Oct 2021 19:52:34 GMT
0128f84d2b2b99014c0d48a76a81317e.jpg
windamazonen.de/.cm4all/sysdb.iproc/keyvisuals/0128f84d2b2b99014c0d48a76a81317e.jpg/scale_0_0/
710 KB
711 KB
Image
General
Full URL
https://windamazonen.de/.cm4all/sysdb.iproc/keyvisuals/0128f84d2b2b99014c0d48a76a81317e.jpg/scale_0_0/0128f84d2b2b99014c0d48a76a81317e.jpg
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2003:2:2:15:80:150:6:143 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
a763b26f853d45dfc4b66196d3dd71ca8570d73bc74f1825be494ab4b0927396

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:34 GMT
last-modified
Sat, 04 Mar 2017 21:52:07 GMT
server
CM4all Webserver
transfer-encoding
chunked
content-type
image/jpeg
overview-bg-bottom.png
homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/img/
140 KB
131 KB
Image
General
Full URL
https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/img/overview-bg-bottom.png
Requested by
Host: homepagedesigner.telekom.de
URL: https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
35fd5727bbe1625e530fa609d0de5b06c4230e1b93b7e5958e5178e2a9fde26a

Request headers

Referer
https://homepagedesigner.telekom.de/.cm4all/designs/static/oem/cm_dh_065/1574204935.95/css/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:34 GMT
content-encoding
gzip
last-modified
Tue, 05 Nov 2019 14:57:42 GMT
server
CM4all Webserver
etag
"2a-72321b5-5dc18de6"
vary
accept-encoding
content-type
image/png
content-length
133549
expires
Fri, 29 Oct 2021 19:52:34 GMT
BCanqZABrez54xYp_Mhie6gW.woff2
fonts.gstatic.com/s/elsie/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/elsie/v10/BCanqZABrez54xYp_Mhie6gW.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Elsie:regular,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b7e2ac5abc42cf22f624e64585482b51991362c0b708cb2a8d08e89f8f08c5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windamazonen.de
Referer
https://fonts.googleapis.com/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Elsie:regular,900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 11:50:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:40:43 GMT
server
sffe
age
115339
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10488
x-xss-protection
0
expires
Thu, 28 Oct 2021 11:50:14 GMT
BCaqqZABrez54x6q291PWaU8XjBl.woff2
fonts.gstatic.com/s/elsie/v10/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/elsie/v10/BCaqqZABrez54x6q291PWaU8XjBl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Elsie:regular,900
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0beb71ee3e030da35f1af4ea848131d21852163355961730db9a0af3b6748887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://windamazonen.de
Referer
https://fonts.googleapis.com/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Elsie:regular,900
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 28 Oct 2020 13:05:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:47:25 GMT
server
sffe
age
110807
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11496
x-xss-protection
0
expires
Thu, 28 Oct 2021 13:05:47 GMT
truncated
/ Frame CB51
45 B
45 B
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cb1db5a2f119ba8ee5e53346e2fdcade1e437a7f4432490cca3ece43b3f1b85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
popup-guistrap.css
homepagedesigner.telekom.de/res/js/lib/css/
707 B
533 B
Stylesheet
General
Full URL
https://homepagedesigner.telekom.de/res/js/lib/css/popup-guistrap.css
Requested by
Host: windamazonen.de
URL: https://windamazonen.de/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2003:2:2:15:80:150:6:162 , Germany, ASN3320 (DTAG Internet service provider operations, DE),
Reverse DNS
Software
CM4all Webserver /
Resource Hash
de4460799d4aebe60c52865412fa3a1c782a3060a259a0c7f4213ba838c5a21a

Request headers

Referer
https://windamazonen.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 29 Oct 2020 19:52:41 GMT
content-encoding
gzip
last-modified
Tue, 23 Jun 2020 13:01:33 GMT
server
CM4all Webserver
etag
"fd00-9e43a-5ef1fd2d"
vary
accept-encoding
content-type
text/css
content-length
244
expires
Fri, 30 Oct 2020 19:52:41 GMT

Verdicts & Comments

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| beng function| beng_widget_uri object| cm4all object| win function| $ function| jQuery object| Class function| $A function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position object| Prototype function| $$ undefined| Sizzle function| Selector string| SPACER_GIF string| BLANK_HTML string| TITLE_SPACES string| CM_SESSION_KEY_KEY object| HTMLTAGS undefined| DEBUG_MODE_ENABLED object| Script function| formatURL function| jshelper_addRevision function| getHeadElement function| jdecode function| jencode function| getTopWindow function| ensureWindowSize function| copyBase function| copyObject function| safeEscape function| getGUID function| convertToText function| revertToText function| URL_set function| URL_debug function| URL_getParameter function| URL_getParameterValues function| URL_getParameterNames function| parseURL function| setURL function| URL_isValidProtocol function| URL_setParameter function| URL_removeParameter function| URL_removeAllParams function| URL_parseQueryString function| URL_getQueryString function| URL_toExternalForm function| URL_setSession function| URL_getPrototypePair function| getSessionPair function| getSessionHref function| processLinkz function| getSessionString function| _createHtmlElement function| TEXT object| __loadedJsLibraries object| __loadedCssLibraries function| IMPORT_JS function| isScriptAlreadyPresent function| qualifyUrl function| IMPORT_JS_LIB function| IMPORT_CSS function| REMOVE_CSS function| IMPORT_I18N function| A function| B function| BR function| BODY function| BUTTON function| CENTER function| COL function| COLGROUP function| DIV function| EMBED function| FONT function| FORM function| FRAME function| FRAMESET function| H1 function| H2 function| H3 function| H4 function| H5 function| H6 function| HEAD function| HTML function| I function| IFRAME function| IMG function| INPUT function| LABEL function| LI function| NOBR function| OBJECT function| OL function| OPTION function| P function| PARAM function| PRE function| SCRIPT function| SELECT function| S function| SPAN function| STYLE function| TEXTAREA function| TABLE function| TBODY function| TFOOT function| THEAD function| TITLE function| TR function| TD function| TH function| U function| UL function| $Q function| $j function| HttpURL object| HttpURLUtils object| Common object| jQuery17209523799156748944 function| createBengRequestUrl object| MobileBrowserSwitch object| Strftime function| Xlate object| I18N function| Transformer function| DummyPopup object| html5 object| Modernizr function| yepnope function| cm_ensureFloatingSpace string| cmLogoWidgetId function| cmLogoGetCommonWidget object| logoConfiguration

1 Cookies

Domain/Path        Name      Value
windamazonen.de/   sidc183   b618ec6a2444a0aeb9d8611c1994ab15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d5mv4w6u6ab0j.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
homepagedesigner.telekom.de
windamazonen.de
13.35.253.170
2003:2:2:15:80:150:6:143
2003:2:2:15:80:150:6:162
2a00:1450:4001:815::2003
2a00:1450:4001:820::200a
01e357c0de5e4fa6794d670972472a4bde4a3a4c51d5aeb3f8d558df49ced157
0beb71ee3e030da35f1af4ea848131d21852163355961730db9a0af3b6748887
0c29b927b6f1e5447de2c0edd7ce83a65b84732177947d4afb000aba1f41b60a
2a2c14e54094881e9790ff2f5a27a1576008fca7b3ea119b38f956a3e7740082
35fd5727bbe1625e530fa609d0de5b06c4230e1b93b7e5958e5178e2a9fde26a
43cabce3f49eb415b0d568debee757c0f900691614e4df8a32dec1f0cf7993e5
4c770e816171730c456730b53db73df6331ac39754c0a7d031d3864e3d1a6c01
5342d4ecaadf8be2b716574a9725d51a38e536043335e2c0f6a26a137b5da6d0
56abf31f631b74be22fea7510b8f3779d3a2b348792aaf31d119d9650b0e75cd
624b65fa03b65d0da5873922f532c11aeae0e42d30c9471e90cd1961449650b2
6c02076c636842d4e87294dcc601dd02e893359e520d484c970be8570138bb96
6cb1db5a2f119ba8ee5e53346e2fdcade1e437a7f4432490cca3ece43b3f1b85
6cf492ba858d854bfaab819168dc6ace00ec7fe363685b46cf9bf11eea5ea098
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8b7e2ac5abc42cf22f624e64585482b51991362c0b708cb2a8d08e89f8f08c5c
a763b26f853d45dfc4b66196d3dd71ca8570d73bc74f1825be494ab4b0927396
c30dca9f44f9a8cf4222c156b7e1958d1278e22fa3c1d587416c21fa21db8720
cdbf5829fdaf122182e1b9006206e27f222322de75db5b56509536b93c6a8851
d2c0ad484726ec01b8e9d447e4ffdb5d7bf799e71fc4ff759e431975ec50f94d
de3164b5afa957f5a0f60bc28977850a90211c7456187fe2229521761b0045ca
de4460799d4aebe60c52865412fa3a1c782a3060a259a0c7f4213ba838c5a21a
e287664dfec9e482a44dc2fdb0dde1b2c1a951e9e58aa88ad297d80a350cd5cc
f36ee2e83bec4da9341d9b3081534f6e20fb1d0d147eaaace93c5dfa9404aaf5
fc7e779398bda4dc0c05704afe238b249a6f234181a249e3c5b79dc0af9e6064