mailing.nordlb.de Open in urlscan Pro
185.98.186.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU.
Effective URL:
https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Submission: On August 31 via manual (August 31st 2022, 9:25:58 am UTC) from DE — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 185.98.186.254, located in Germany and belongs to UNBELIEVABLE-AS, DE. The main domain is mailing.nordlb.de.
TLS certificate: Issued by QuoVadis Europe EV SSL CA G1 on September 24th 2021. Valid for: a year.

This is the only time mailing.nordlb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	185.98.186.254 185.98.186.254	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
3	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
9	80.82.207.253 80.82.207.253	48173 (UNBELIEVA...) (UNBELIEVABLE-AS)
16	3

6 185.98.186.254 (Germany) 2 redirects

ASN48173 (UNBELIEVABLE-AS, DE)

mailing.nordlb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mailing.sparkasse.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 80.82.207.253 (Germany)

ASN48173 (UNBELIEVABLE-AS, DE)

sfp.webapps.sendnode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sendnode.com sfp.webapps.sendnode.com	182 KB
4	nordlb.de 2 redirects mailing.nordlb.de	147 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 279	105 KB
2	sparkasse.de mailing.sparkasse.de	47 KB
16	4

	Domain	Requested by
9	sfp.webapps.sendnode.com	mailing.nordlb.de mailing.sparkasse.de ajax.googleapis.com
4	mailing.nordlb.de	2 redirects mailing.nordlb.de
3	ajax.googleapis.com	mailing.nordlb.de
2	mailing.sparkasse.de	mailing.nordlb.de
16	4

This site contains no links.

Subject Issuer	Validity	Valid
mailing.nordlb.de QuoVadis Europe EV SSL CA G1	`2021-09-24` - `2022-09-24`	a year	crt.sh
mailing.sparkasse.de D-TRUST SSL Class 3 CA 1 2009	`2022-05-19` - `2023-05-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
sfp.webapps.sendnode.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Frame ID: 53843B23FFB2E409C1E771601967CB6E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung zur Veranstaltung

Page URL History Show full URLs

http://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU. HTTP 301
https://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU. HTTP 302
https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

480 kB
Transfer

1005 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU. HTTP 301
https://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU. HTTP 302
https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request vDvuJ68e Show response
mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/
Redirect Chain

http://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU.
https://mailing.nordlb.de/-link2/18748/1555/5/7/51/vDvuJ68e/EpWZyv3L4y/0/NTE./dkR2dUo2OGU.
https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

10 KB
3 KB

607ms
607ms

Document
text/html

185.98.186.254
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.98.186.254 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

21015f15cd51c5a91177e4b600993efff57aefc5f14d92625f7be4f4c82b14cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 09:25:53 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive

Redirect headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 09:25:52 GMT
Location: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Server: nginx
Strict-Transport-Security: max-age=63072000
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive

GET
H/1.1 200
OK style.css
mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/lp-template-event-modul/css/ 10 KB
3 KB 254ms
99ms Stylesheet
text/css 185.98.186.254
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/lp-template-event-modul/css/style.css

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.98.186.254 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

58545a88290858d9a2d145c86089025197f0d730d49db04ae277a6aa0a373375

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:25:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jul 2020 13:17:08 GMT
Server: nginx
ETag: "28e1-5a9c5b120b507-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=63072000
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Length: 2919

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 97ms
49ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 06:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 06:36:31 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 73ms
26ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 04:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 04:21:06 GMT

GET
H2 200 jquery.validate.min.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/ 22 KB
7 KB 296ms
36ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/jquery.validate.min.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: bde3bb079dbdb04a2a75b4ea894f4b73c40738cf85548250f61fd4ce1dea10f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Mon, 06 Jul 2020 13:06:34 GMT
server: Apache
etag: "58a5-5a9c58b48aa80-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 7328

GET
H2 200 validate.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/ 3 KB
1 KB 293ms
34ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/validate.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 03e75f73b751c3af980b380ff97bd0f886f1d7c533ce74f91608c349d7fc5a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:53:41 GMT
server: Apache
etag: "ca0-5a71890073b40-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1063

GET
H2 200 event-api3.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/ 37 KB
9 KB 323ms
63ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/event-api3.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4d7ae2ea44bdedbeca1efaa91e9bedc2fc35df543e09a4e2f90865809f891bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Thu, 06 Aug 2020 09:10:23 GMT
server: Apache
etag: "9425-5ac31dbb4fdc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8578

GET
H2 200 fn.showElemByValue.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/ 4 KB
1 KB 294ms
35ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/fn.showElemByValue.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7f9c92a0ac0489b60912ace1237006d53784960c438a6e27adb1af6df26998d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Tue, 26 May 2020 06:28:51 GMT
server: Apache
etag: "e88-5a6873571cec0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1145

GET
H2 200 fa-solid.min.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/fontawesome/ 277 KB
92 KB 43ms
43ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/fontawesome/fa-solid.min.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: ef9d53e72ba5278829e504f707a605bb2f119f56fd51543ce5d81b1d601f4cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Fri, 01 Feb 2019 08:53:18 GMT
server: Apache
etag: "4532b-580d14635bb80-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 fontawesome.min.js Show response
sfp.webapps.sendnode.com/nordlb/event-modul/scripts/fontawesome/ 27 KB
10 KB 63ms
62ms Script
application/javascript 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/scripts/fontawesome/fontawesome.min.js
Requested by: Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: cd2c82f6eb8247d43d1db72ec6545f04938fe6c45f8b5710624ae558d39525f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
last-modified: Fri, 01 Feb 2019 08:53:19 GMT
server: Apache
etag: "6b4d-580d14644fdc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 9889

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 36 KB
9 KB 69ms
22ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:26:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Aug 2023 10:26:44 GMT

GET
H/1.1 200
OK logo.png
mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/e-mail-template-event-modul/images/ 43 KB
44 KB 68ms
67ms Image
image/png 185.98.186.254
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/e-mail-template-event-modul/images/logo.png

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.98.186.254 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

eb6322bb51436fa0271121afebe735c471559ceddca48c33db14d96854149e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:25:53 GMT
Last-Modified: Wed, 17 Nov 2021 09:08:55 GMT
Server: nginx
ETag: "ad59-5d0f864350785"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Length: 44377

GET
H/1.1 200
OK 400_Bulle_und_Baer_eisblau.png
mailing.nordlb.de/public/a_18748_Xb2RK/file/data/ 143 KB
143 KB 170ms
93ms Image
image/png 185.98.186.254
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mailing.nordlb.de/public/a_18748_Xb2RK/file/data/400_Bulle_und_Baer_eisblau.png

Requested by

Host: mailing.nordlb.de
URL: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.98.186.254 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

eec33a51ad71ddc109a62606e06da9befd80916e1ee064065140de12219fb245

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mailing.nordlb.de/-lp/Xb2RK18748/4NNVL73/1555/51/vDvuJ68e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Wed, 31 Aug 2022 09:25:53 GMT
Last-Modified: Wed, 17 Mar 2021 14:14:03 GMT
Server: nginx
ETag: "23bd2-5bdbc185835ac"
Strict-Transport-Security: max-age=63072000
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Length: 146386

GET
H2 200 ARSMaquettePro-Regular-webfont.woff
sfp.webapps.sendnode.com/fonts/ARS-Maquette-Pro/ 31 KB
31 KB 140ms
65ms Font
font/woff 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/fonts/ARS-Maquette-Pro/ARSMaquettePro-Regular-webfont.woff
Requested by: Host: mailing.sparkasse.de
URL: https://mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/lp-template-event-modul/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7282f3963bf4b2fc289a0828a243b3cfe50ce26609bf05b634b9d45bb077e5b1

Request headers

Referer: https://mailing.sparkasse.de/
Origin: https://mailing.nordlb.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
last-modified: Mon, 29 Jul 2019 12:22:52 GMT
server: Apache
etag: "7b60-58ed0f36e7f00"
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 31584

GET
H2 200 ARSMaquettePro-Light-webfont.woff
sfp.webapps.sendnode.com/fonts/ARS-Maquette-Pro/ 30 KB
31 KB 106ms
34ms Font
font/woff 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/fonts/ARS-Maquette-Pro/ARSMaquettePro-Light-webfont.woff
Requested by: Host: mailing.sparkasse.de
URL: https://mailing.sparkasse.de/public/a_18748_Xb2RK/webspace/lp-template-event-modul/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 0b17ba5879682c5d79521b0de80cf3fe96692210070a3d7a166afe22ef8523b4

Request headers

Referer: https://mailing.sparkasse.de/
Origin: https://mailing.nordlb.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
last-modified: Mon, 29 Jul 2019 12:22:52 GMT
server: Apache
etag: "78e4-58ed0f36e7f00"
content-type: font/woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 30948

POST
H2 200 countRecipients.php Show response
sfp.webapps.sendnode.com/nordlb/event-modul/requests/ 85 B
244 B 1002ms
1002ms XHR
text/html 80.82.207.253
UNBELIEVABLE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sfp.webapps.sendnode.com/nordlb/event-modul/requests/countRecipients.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.82.207.253 , Germany, ASN48173 (UNBELIEVABLE-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 60ae698420949e5c15628ede39804f648d4de299dfcb398b2f1c9e8c335ab739

Request headers

Accept: */*
Referer: https://mailing.nordlb.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 31 Aug 2022 09:25:53 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 1000
access-control-allow-headers: Content-Type
content-length: 87

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
mailing.nordlb.de
mailing.sparkasse.de
sfp.webapps.sendnode.com
185.98.186.254
2a00:1450:400e:801::200a
80.82.207.253
03e75f73b751c3af980b380ff97bd0f886f1d7c533ce74f91608c349d7fc5a19
0b17ba5879682c5d79521b0de80cf3fe96692210070a3d7a166afe22ef8523b4
21015f15cd51c5a91177e4b600993efff57aefc5f14d92625f7be4f4c82b14cd
4d7ae2ea44bdedbeca1efaa91e9bedc2fc35df543e09a4e2f90865809f891bfe
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58545a88290858d9a2d145c86089025197f0d730d49db04ae277a6aa0a373375
60ae698420949e5c15628ede39804f648d4de299dfcb398b2f1c9e8c335ab739
7282f3963bf4b2fc289a0828a243b3cfe50ce26609bf05b634b9d45bb077e5b1
7f9c92a0ac0489b60912ace1237006d53784960c438a6e27adb1af6df26998d7
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
bde3bb079dbdb04a2a75b4ea894f4b73c40738cf85548250f61fd4ce1dea10f9
cd2c82f6eb8247d43d1db72ec6545f04938fe6c45f8b5710624ae558d39525f5
eb6322bb51436fa0271121afebe735c471559ceddca48c33db14d96854149e9e
eec33a51ad71ddc109a62606e06da9befd80916e1ee064065140de12219fb245
ef9d53e72ba5278829e504f707a605bb2f119f56fd51543ce5d81b1d601f4cc5
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

mailing.nordlb.de Open in urlscan Pro 185.98.186.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

480 kBTransfer

1005 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mailing.nordlb.de Open in urlscan Pro
185.98.186.254 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

480 kB
Transfer

1005 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions