email.dashoefer.de Open in urlscan Pro
217.175.192.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237
Submission: On January 20 via manual (January 20th 2021, 12:46:19 pm UTC) from IL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 217.175.192.43, located in Austria and belongs to NEXTLAYER-AS, AT. The main domain is email.dashoefer.de.
TLS certificate: Issued by R3 on December 30th 2020. Valid for: 3 months.

This is the only time email.dashoefer.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	217.175.192.43 217.175.192.43	1764 (NEXTLAYER-AS) (NEXTLAYER-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1 4	5.159.58.60 5.159.58.60	59507 (TLN-AS) (TLN-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
8	5

2 217.175.192.43 (Austria)

ASN1764 (NEXTLAYER-AS, AT)

email.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.159.58.60 (Echem, Germany) 1 redirects

ASN59507 (TLN-AS, DE)

static.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gemini.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	dashoefer.de 1 redirects email.dashoefer.de static.dashoefer.de gemini.dashoefer.de	20 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	gstatic.com fonts.gstatic.com	9 KB
8	3

	Domain	Requested by
2	gemini.dashoefer.de	1 redirects email.dashoefer.de
2	static.dashoefer.de	email.dashoefer.de
2	fonts.googleapis.com	email.dashoefer.de
2	email.dashoefer.de	email.dashoefer.de
1	fonts.gstatic.com	fonts.googleapis.com
8	5

This site contains no links.

Subject Issuer	Validity	Valid
email.dashoefer.de R3	`2020-12-30` - `2021-03-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
dashoefer.de Let's Encrypt Authority X3	`2020-11-23` - `2021-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237
Frame ID: 1986CE83039B90446B3C92BA8B40BDFC
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

63 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

30 kB
Transfer

40 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://gemini.dashoefer.de/cemopen/pruefbild.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$ HTTP 302
http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request gm.php Show response
email.dashoefer.de/u/ 12 KB
4 KB 411ms
268ms Document
text/html 217.175.192.43
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),

Reverse DNS

Software

nginx /

Resource Hash

d59c50fc81b98e74d66fa7b629fac3fab7431f13226b66eb74dd9fe2b3b6dede

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Request headers

Host: email.dashoefer.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Wed, 20 Jan 2021 12:46:00 GMT
content-type: text/html; charset=utf-8
content-length: 3238
content-security-policy: sandbox allow-popups allow-popups-to-escape-sandbox;
vary: Accept-Encoding
content-encoding: gzip
x-af: suite34-web1
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
x-fe: suite34-web1
x-hf: suite-haproxy01a

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 21ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d80f75d440bdac86e42db51c4c28467cec86111ac33d5d0c6e1f02025ae8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 12:46:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Jan 2021 12:36:18 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 20 Jan 2021 12:46:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 20 Jan 2021 12:26:58 GMT
server: ESF
date: Wed, 20 Jan 2021 12:46:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Jan 2021 12:46:00 GMT

GET
H/1.1 200
OK VD_Logo_125x125px.jpg
static.dashoefer.de/images/mailaktion/ 9 KB
9 KB 157ms
40ms Image
image/jpeg 5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dashoefer.de/images/mailaktion/VD_Logo_125x125px.jpg

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

5.159.58.60 Echem, Germany, ASN59507 (TLN-AS, DE),

Reverse DNS

Software

lighttpd/1.4.53 /

Resource Hash

0a70e55fd617f0c14df32c12ed645a7209be0dcaa41e1dd92b5abf645a840cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://www.dashoefer.de

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 12:46:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 09:32:49 GMT
Server: lighttpd/1.4.53
ETag: "4121897124"
X-Frame-Options: SAMEORIGIN ALLOW-FROM https://www.dashoefer.de
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 9182
Expires: Fri, 19 Feb 2021 12:46:00 GMT

GET
H/1.1 200
OK u_gerzen.jpg
static.dashoefer.de/relaunch/images/unterschriften/ 6 KB
6 KB 158ms
38ms Image
image/jpeg 5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dashoefer.de/relaunch/images/unterschriften/u_gerzen.jpg

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

5.159.58.60 Echem, Germany, ASN59507 (TLN-AS, DE),

Reverse DNS

Software

lighttpd/1.4.53 /

Resource Hash

a711f5db0cc155213d92b9fde7de8e926a3c61f8dedfba0af97a84631a174b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://www.dashoefer.de

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 12:46:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Jan 2019 12:37:55 GMT
Server: lighttpd/1.4.53
ETag: "4258203910"
X-Frame-Options: SAMEORIGIN ALLOW-FROM https://www.dashoefer.de
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 5741
Expires: Fri, 19 Feb 2021 12:46:00 GMT

GET
H/1.1

200
OK

checkimage.php
gemini.dashoefer.de/cemopen/
Redirect Chain

http://gemini.dashoefer.de/cemopen/pruefbild.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$

35 B
234 B

56ms
56ms

Image
image/gif

5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
Requested by: Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237
Protocol: HTTP/1.1
Server: 5.159.58.60 Echem, Germany, ASN59507 (TLN-AS, DE),
Reverse DNS
Software: Apache / PHP/5.6
Resource Hash: cfd2d78ecbf22c168ce6b2f16d92b89871fe94774ae8d0887efe5b53cfe5dd0c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 20 Jan 2021 12:46:00 GMT
Server: Apache
X-Powered-By: PHP/5.6
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=1189411&email=michael.zeunert@qiagen.com&ap=5131166&utm_source=PC9-MANA_XS-AM-PRO&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
Date: Wed, 20 Jan 2021 12:46:00 GMT
Server: Apache
X-Powered-By: PHP/5.6
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cuqueqAeAM_794450776_1307174_12237_1863396.gif
email.dashoefer.de/mo/ 43 B
245 B 98ms
77ms Image
image/gif 217.175.192.43
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://email.dashoefer.de/mo/cuqueqAeAM_794450776_1307174_12237_1863396.gif
Requested by: Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=cuqueqAeAM_794450776_1307174_12237
Protocol: HTTP/1.1
Server: 217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 12:46:00 GMT
x-hf: suite-haproxy01a
last-modified: Wed, 01 Aug 2018 13:00:37 GMT
x-fe: openfe02
content-length: 43
server: nginx
content-type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 20:12:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 491623
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:12:17 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.dashoefer.de
fonts.googleapis.com
fonts.gstatic.com
gemini.dashoefer.de
static.dashoefer.de
217.175.192.43
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:819::200a
5.159.58.60
0a70e55fd617f0c14df32c12ed645a7209be0dcaa41e1dd92b5abf645a840cf3
0d80f75d440bdac86e42db51c4c28467cec86111ac33d5d0c6e1f02025ae8e7b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
a711f5db0cc155213d92b9fde7de8e926a3c61f8dedfba0af97a84631a174b9c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
cfd2d78ecbf22c168ce6b2f16d92b89871fe94774ae8d0887efe5b53cfe5dd0c
d59c50fc81b98e74d66fa7b629fac3fab7431f13226b66eb74dd9fe2b3b6dede

email.dashoefer.de Open in urlscan Pro 217.175.192.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

63 %HTTPS

60 %IPv6

3 Domains

5 Subdomains

5 IPs

2 Countries

30 kBTransfer

40 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

email.dashoefer.de Open in urlscan Pro
217.175.192.43 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

63 %
HTTPS

60 %
IPv6

3
Domains

5
Subdomains

5
IPs

2
Countries

30 kB
Transfer

40 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions