heizung-sanitaer-artmeier.de Open in urlscan Pro
185.30.32.121 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.ermis.gov.gr/pls/orasso/orasso.wwctx_app_language.set_language?p_http_language=fr-fr&p_nls_language=f&p_nlS_t...
Effective URL:
https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html
Submission: On November 14 via manual (November 14th 2022, 3:47:39 pm UTC) from GB — Scanned from GB

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 185.30.32.121, located in Germany and belongs to DE-WEBGO www.webgo.de, DE. The main domain is heizung-sanitaer-artmeier.de.
TLS certificate: Issued by R3 on October 24th 2022. Valid for: 3 months.

This is the only time heizung-sanitaer-artmeier.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	84.205.225.110 84.205.225.110	35506 (SYZEFXIS) (SYZEFXIS)
1	185.30.32.121 185.30.32.121	48324 (DE-WEBGO ...) (DE-WEBGO www.webgo.de)
2	2

1 84.205.225.110 (Athens, Greece) 1 redirects

ASN35506 (SYZEFXIS, GR)
PTR: login.ermis.gov.gr

login.ermis.gov.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.30.32.121 (Germany)

ASN48324 (DE-WEBGO www.webgo.de, DE)
PTR: s121.goserver.host

heizung-sanitaer-artmeier.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	heizung-sanitaer-artmeier.de heizung-sanitaer-artmeier.de	216 B
1	ermis.gov.gr 1 redirects login.ermis.gov.gr	831 B
0	untirta.ac.id Failed ptm.untirta.ac.id Failed
2	3

	Domain	Requested by
1	heizung-sanitaer-artmeier.de
1	login.ermis.gov.gr	1 redirects
0	ptm.untirta.ac.id Failed
2	3

This site contains no links.

Subject Issuer	Validity	Valid
heizung-sanitaer-artmeier.de R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://ptm.untirta.ac.id/wordpress/rlogin.microsoft.html
Frame ID: 421F257945D99AEEA886F3B88DA2440D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://login.ermis.gov.gr/pls/orasso/orasso.wwctx_app_language.set_language?p_http_language=fr-fr&p_nl... HTTP 302
https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html Page URL

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.ermis.gov.gr/pls/orasso/orasso.wwctx_app_language.set_language?p_http_language=fr-fr&p_nls_language=f&p_nlS_territory=france&p_requested_url=https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html HTTP 302
https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request doc.html Show response heizung-sanitaer-artmeier.de/wp-content/themes/ Redirect Chain https://login.ermis.gov.gr/pls/orasso/orasso.wwctx_app_language.set_language?p_http_language=fr-fr&p_nls_language=f&p_nlS_territory=france&p_requested_url=https://heizung-sanitaer-artmeier.de/wp-co... https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html	102 B 216 B	151ms 45ms	Document text/html	185.30.32.121 DE-WEBGO www.webg...
General Check archive.org Show headers Download Go to Full URL https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.30.32.121 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE), Reverse DNS s121.goserver.host Software nginx / Resource Hash `32d95511b490dcfca09f82e6b6c360f6dcbbf0c9327caa94c2738f31b055a3cd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 14 Nov 2022 15:47:25 GMT server nginx vary Accept-Encoding Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Mon, 14 Nov 2022 15:47:25 GMT Keep-Alive timeout=300, max=999 Location https://heizung-sanitaer-artmeier.de/wp-content/themes/doc.html Server Oracle-Application-Server-10g/10.1.2.2.0 Oracle-HTTP-Server OracleAS-Web-Cache-10g/10.1.2.3.0 (N;ecid=72057885182146175,0)
GET		rlogin.microsoft.html ptm.untirta.ac.id/wordpress/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ptm.untirta.ac.id
URL: https://ptm.untirta.ac.id/wordpress/rlogin.microsoft.html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.ermis.gov.gr/	1969-12-31 23:59:59	Name: orasso Value: 9.0.3+fr-fr+f+FRANCE+ED711EE306950CBDE05400144FAE9A02+A3D5AFD17D9A6ABD82CCBC940C2EB9420F8484CCD7874D2B3E3DCE2F099B21574212C3E5C523D1FF756BD03C50E9A4720970CCB3BE30C9B7FC274F1D2CD1CAE05F3219A2442C6575890D4F61185F7AF7F55808CC5E2901CA
login.ermis.gov.gr/	1970-01-20 16:13:32	Name: LOGIN_NLS Value: fr-fr
login.ermis.gov.gr/	1969-12-31 23:59:59	Name: NSC_mphjo.fsnjt-443-wjq Value: ffffffffc3a0150145525d5f4f58455e445a4a422853

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

heizung-sanitaer-artmeier.de
login.ermis.gov.gr
ptm.untirta.ac.id
ptm.untirta.ac.id
185.30.32.121
84.205.225.110
32d95511b490dcfca09f82e6b6c360f6dcbbf0c9327caa94c2738f31b055a3cd

heizung-sanitaer-artmeier.de Open in urlscan Pro 185.30.32.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

0 kBTransfer

0 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

heizung-sanitaer-artmeier.de Open in urlscan Pro
185.30.32.121 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

0 kB
Transfer

0 kB
Size

3
Cookies

2 HTTP transactions
0 data transactions