xn--glckauf-reisen-hsb.de Open in urlscan Pro Puny
glückauf-reisen.de IDN
213.95.81.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xn--glckauf-reisen-hsb.de/
Submission Tags: @phishunt_io
Submission: On March 12 via api (March 12th 2021, 5:23:54 am UTC) from ES

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 213.95.81.32, located in Grabenstetten, Germany and belongs to NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE. The main domain is xn--glckauf-reisen-hsb.de.
TLS certificate: Issued by R3 on January 10th 2021. Valid for: 3 months.

This is the only time xn--glckauf-reisen-hsb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	213.95.81.32 213.95.81.32	12337 (NORIS-NET...) (NORIS-NETWORK IT Service Provider located in Nuernberg)
1	2606:4700:20:... 2606:4700:20::681a:54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

14 213.95.81.32 (Grabenstetten, Germany)

ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE)

xn--glckauf-reisen-hsb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
q-t-a.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:54 (United States)

ASN13335 (CLOUDFLARENET, US)

www.privacypolicies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	xn--glckauf-reisen-hsb.de xn--glckauf-reisen-hsb.de	792 KB
2	cloudflare.com cdnjs.cloudflare.com	85 KB
1	q-t-a.de q-t-a.de	101 KB
1	privacypolicies.com www.privacypolicies.com	38 KB
17	4

	Domain	Requested by
13	xn--glckauf-reisen-hsb.de	xn--glckauf-reisen-hsb.de
2	cdnjs.cloudflare.com	xn--glckauf-reisen-hsb.de cdnjs.cloudflare.com
1	q-t-a.de	xn--glckauf-reisen-hsb.de
1	www.privacypolicies.com	xn--glckauf-reisen-hsb.de
17	4

This site contains links to these domains. Also see Links.

Domain
q-t-a.de
schmetterling.giatamedia.com

Subject Issuer	Validity	Valid
xn--glckauf-reisen-hsb.de R3	`2021-01-10` - `2021-04-10`	3 months	crt.sh
privacypolicies.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
q-t-a.de R3	`2021-03-10` - `2021-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xn--glckauf-reisen-hsb.de/
Frame ID: 25BFAC51F2EA1CB29E009DE56922C5E8
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1015 kB
Transfer

1302 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://q-t-a.de/covid-19
Title:

Search URL Search Domain Scan URL

URL: https://schmetterling.giatamedia.com/?uid=51721&com=hg&product=bihg&flipCat=1&travelmail=1
Title: Reisekataloge

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xn--glckauf-reisen-hsb.de/ 86 KB
13 KB 2535ms
2444ms Document
text/html 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: d98c40adf6e72729c40d3252f9440b0ab83a34d9944cbad40afb7d7f60aa4a91

Request headers

:method: GET
:authority: xn--glckauf-reisen-hsb.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 12 Mar 2021 05:23:36 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cluster-node: quadra-web1
content-encoding: gzip

GET
H2 200 roboto-boldcondensed-webfont.woff2
xn--glckauf-reisen-hsb.de/style/fonts/ 19 KB
19 KB 103ms
100ms Font
application/octet-stream 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/style/fonts/roboto-boldcondensed-webfont.woff2
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 933806ac81f95b950f2d510df90131879dcefb5a44bdc25eef06e9e59a862e64

Request headers

Origin: https://xn--glckauf-reisen-hsb.de
Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
last-modified: Thu, 08 Aug 2019 08:12:45 GMT
server: nginx
cluster-node: quadra-web2
expires: Fri, 12 Mar 2021 07:23:36 GMT

GET
H2 200 roboto-condensed-webfont.woff2
xn--glckauf-reisen-hsb.de/style/fonts/ 19 KB
19 KB 88ms
86ms Font
application/octet-stream 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/style/fonts/roboto-condensed-webfont.woff2
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: dd19322e0c44bc391e2e91e8d8411688f7dacb2c05f45d0c7373f529b6114cb2

Request headers

Origin: https://xn--glckauf-reisen-hsb.de
Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
last-modified: Thu, 08 Aug 2019 08:12:45 GMT
server: nginx
cluster-node: quadra-web3
expires: Fri, 12 Mar 2021 07:23:36 GMT

GET
H2 200 cookie-consent.js Show response
www.privacypolicies.com/public/cookie-consent/3.1.0/ 139 KB
38 KB 41ms
21ms Script
application/javascript 2606:4700:20::681a:54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.privacypolicies.com/public/cookie-consent/3.1.0/cookie-consent.js

Requested by

Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5cbac9f8e5c1affeb25629ebce5012c145c6265c76325fbf1ebaef4fd365ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3350
x-priority: 5/n
x-z: 5179
last-modified: Fri, 12 Mar 2021 03:27:42 GMT
cf-request-id: 08c67cf66000004a55dcb4b000000001
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: sameorigin
etag: W/"46d9c413960a45131d048f8152b3823d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FV4wfmdZY0R4sNS4NaTNxWKjjJweoroTKMmW3uZpAjcewpvD9AaL3VGnt%2FXOs64tlBGnhLkHnI36D4NOP3RXyHfOJL0QKqSQ7gcfeYZm4h48DYwnz0RF8sTu%2FjAm%2B%2BlWBdxcxQ%3D%3D"}],"max_age":604800}
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=3600
cf-ray: 62ea976a3b684a55-FRA
expires: Fri, 12 Mar 2021 05:27:42 GMT

GET
H2 200 app.min.css
xn--glckauf-reisen-hsb.de/style/css/ 89 KB
18 KB 311ms
310ms Stylesheet
text/css 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/style/css/app.min.css
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 02d09e9c758452cb4e9d872989da2ab271831cf408d19eb3f8cef3dfbd07e7bc

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2019 08:12:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cluster-node: quadra-web1
expires: Fri, 12 Mar 2021 07:23:36 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
10 KB 11ms
9ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://xn--glckauf-reisen-hsb.de
Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1929071
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10022
cf-request-id: 08c67cf64d00004ab578b41000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z3jiHoEZMsbCNCvVAtaYYJ3HeFj6jiZHGXQAc5kl7ANi9OGcsbJ4iHuXrCWOuSWAEUcihn1y4%2FVnD0ZrUC0hg%2FgmtbxJi3ch2%2B7nolG1SFw0Bx6KqAFneB%2Bg9Y4KW2y9gQ%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62ea976a188c4ab5-FRA
expires: Wed, 02 Mar 2022 05:23:36 GMT

GET
H2 200 modernizr.custom.min.js Show response
xn--glckauf-reisen-hsb.de/style/js/vendor/ 5 KB
5 KB 79ms
78ms Script
text/plain 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/style/js/vendor/modernizr.custom.min.js
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 44c24f41fef5d3a624a5888104a1fabe4b6f61fc55ca75417befc18a5363d46b

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
last-modified: Thu, 08 Aug 2019 08:12:54 GMT
server: nginx
cluster-node: quadra-web4
expires: Fri, 12 Mar 2021 07:23:36 GMT

GET
H2 200 369225
xn--glckauf-reisen-hsb.de/files/ 190 KB
191 KB 85ms
80ms Image
image/jpg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/files/369225
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5f3fc977d56eda482fa4efd2f6f70972d0bb234c599a11f922215fedd0acb551

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
last-modified: Fri, 29 May 2015 12:47:33 GMT
server: nginx
cluster-node: quadra-web3
content-disposition: inline; filename=51721_Logo.jpg
content-type: image/jpg

GET
H2 200 SMG_QUADRA_Corona_Banner_321x372px_230320.jpg
q-t-a.de/wp-content/uploads/2020/03/ 101 KB
101 KB 134ms
45ms Image
image/jpeg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://q-t-a.de/wp-content/uploads/2020/03/SMG_QUADRA_Corona_Banner_321x372px_230320.jpg
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 32b5d5e1d1a2f98e4820a443b563d5ae396985e3e36b200da76bce92c0d60375

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Fri, 27 Mar 2020 10:02:06 GMT
server: nginx
etag: "5e7dcf1e-19334"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 103220
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bg__contactbox--2.jpg
xn--glckauf-reisen-hsb.de/style/img/ 13 KB
13 KB 84ms
78ms Image
image/jpeg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/style/img/bg__contactbox--2.jpg
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2167197e692b8f70d08939150c505d00cc0b91e714648e9eab8dd7e4831599cd

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Thu, 08 Aug 2019 08:12:44 GMT
server: nginx
cluster-node: quadra-web4
expires: Fri, 12 Mar 2021 07:23:37 GMT

GET
H2 200 DB_eM_rgb_40px.png
xn--glckauf-reisen-hsb.de/style/img/ 2 KB
2 KB 89ms
87ms Image
image/png 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/style/img/DB_eM_rgb_40px.png
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 739d5d5736eab31651cd7b0a87bc743f7a17652aaa4800f1ea3b5fd0bb2417c3

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Thu, 08 Aug 2019 08:12:45 GMT
server: nginx
cluster-node: quadra-web1
expires: Fri, 12 Mar 2021 07:23:37 GMT

GET
H2 200 app.min.js Show response
xn--glckauf-reisen-hsb.de/style/js/ 181 KB
181 KB 91ms
91ms Script
text/plain 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--glckauf-reisen-hsb.de/style/js/app.min.js
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7eb5b5436cf25ac88efb1ec46505a397735258bbde6f4ea2e674c5a69f950e43

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:36 GMT
last-modified: Tue, 06 Oct 2020 11:28:08 GMT
server: nginx
cluster-node: quadra-web2
expires: Fri, 12 Mar 2021 07:23:36 GMT

GET
H2 200 bg__header.jpg
xn--glckauf-reisen-hsb.de/style/img/ 63 KB
64 KB 94ms
92ms Image
image/jpeg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/style/img/bg__header.jpg
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/style/css/app.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b912d81c718a3c8e677577ff36ab4d6db457c5e190b437a33436dc35d19775f

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/style/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Thu, 08 Aug 2019 08:12:53 GMT
server: nginx
cluster-node: quadra-web2
expires: Fri, 12 Mar 2021 07:23:37 GMT

GET
H2 200 484556
xn--glckauf-reisen-hsb.de/files/ 214 KB
215 KB 81ms
80ms Image
image/jpg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/files/484556
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9fe6c4c76d1459919e7a427a20c884c5680fdb54799af3701b009f281761c8f2

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Wed, 16 Nov 2016 00:00:00 GMT
server: nginx
cluster-node: quadra-web3
content-disposition: inline; filename=kreta.jpg
content-type: image/jpg

GET
H2 200 484557
xn--glckauf-reisen-hsb.de/files/ 31 KB
32 KB 75ms
73ms Image
image/jpg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/files/484557
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: 02dd16f2c349e511a291b246bfc2080e6dca078baf6ecf4c3360ba2b38194d63

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Wed, 16 Nov 2016 00:00:00 GMT
server: nginx
cluster-node: quadra-web4
content-disposition: inline; filename=rhodos.jpg
content-type: image/jpg

GET
H2 200 484558
xn--glckauf-reisen-hsb.de/files/ 19 KB
20 KB 102ms
101ms Image
image/jpg 213.95.81.32
NORIS-NETWORK IT ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--glckauf-reisen-hsb.de/files/484558
Requested by: Host: xn--glckauf-reisen-hsb.de
URL: https://xn--glckauf-reisen-hsb.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.95.81.32 Grabenstetten, Germany, ASN12337 (NORIS-NETWORK IT Service Provider located in Nuernberg, Germany, DE),
Reverse DNS
Software: nginx /
Resource Hash: a1e6a99d1acd291110f96cdb68c87383e8aa193c36f5a9de82ce4e91cb839f20

Request headers

Referer: https://xn--glckauf-reisen-hsb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
last-modified: Wed, 16 Nov 2016 00:00:00 GMT
server: nginx
cluster-node: quadra-web1
content-disposition: inline; filename=kos.jpg
content-type: image/jpg

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
74 KB 13ms
12ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://xn--glckauf-reisen-hsb.de
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 05:23:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 99534
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75728
cf-request-id: 08c67cf7be00004ab5d0280000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f6BFARTT%2FqNQ0PJ7crR4DRXcNsVZpJ4IyN8JBijjzy9tYazB9TI%2BDS7rSV4GVfKdkthvnFxp2LG9f2gEXgW%2FtRBgRmZh99HTEJgMLZaS1Awxnxfp%2Bk33LC81zuABKP8YDg%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 62ea976c6ab34ab5-FRA
expires: Wed, 02 Mar 2022 05:23:37 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
q-t-a.de
www.privacypolicies.com
xn--glckauf-reisen-hsb.de
213.95.81.32
2606:4700:20::681a:54
2606:4700::6810:125e
02d09e9c758452cb4e9d872989da2ab271831cf408d19eb3f8cef3dfbd07e7bc
02dd16f2c349e511a291b246bfc2080e6dca078baf6ecf4c3360ba2b38194d63
2167197e692b8f70d08939150c505d00cc0b91e714648e9eab8dd7e4831599cd
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
32b5d5e1d1a2f98e4820a443b563d5ae396985e3e36b200da76bce92c0d60375
44c24f41fef5d3a624a5888104a1fabe4b6f61fc55ca75417befc18a5363d46b
5f3fc977d56eda482fa4efd2f6f70972d0bb234c599a11f922215fedd0acb551
739d5d5736eab31651cd7b0a87bc743f7a17652aaa4800f1ea3b5fd0bb2417c3
7eb5b5436cf25ac88efb1ec46505a397735258bbde6f4ea2e674c5a69f950e43
8b912d81c718a3c8e677577ff36ab4d6db457c5e190b437a33436dc35d19775f
933806ac81f95b950f2d510df90131879dcefb5a44bdc25eef06e9e59a862e64
9fe6c4c76d1459919e7a427a20c884c5680fdb54799af3701b009f281761c8f2
a1e6a99d1acd291110f96cdb68c87383e8aa193c36f5a9de82ce4e91cb839f20
a5cbac9f8e5c1affeb25629ebce5012c145c6265c76325fbf1ebaef4fd365ab6
d98c40adf6e72729c40d3252f9440b0ab83a34d9944cbad40afb7d7f60aa4a91
dd19322e0c44bc391e2e91e8d8411688f7dacb2c05f45d0c7373f529b6114cb2
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

xn--glckauf-reisen-hsb.de Open in urlscan Pro Puny glückauf-reisen.de IDN 213.95.81.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

1015 kBTransfer

1302 kBSize

0 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

0 Cookies

Indicators

xn--glckauf-reisen-hsb.de Open in urlscan Pro Puny
glückauf-reisen.de IDN
213.95.81.32 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1015 kB
Transfer

1302 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions