mails.beste-sales24.de Open in urlscan Pro
54.36.234.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg
Submission: On August 15 via api (August 15th 2022, 8:46:57 pm UTC) from CH — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 54.36.234.44, located in France and belongs to OVH, FR. The main domain is mails.beste-sales24.de.
TLS certificate: Issued by R3 on June 24th 2022. Valid for: 3 months.

This is the only time mails.beste-sales24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	54.36.234.44 54.36.234.44	16276 (OVH) (OVH)
6	52.219.171.129 52.219.171.129	16509 (AMAZON-02) (AMAZON-02)
1	46.4.91.100 46.4.91.100	24940 (HETZNER-AS) (HETZNER-AS)
9	3

2 54.36.234.44 (France)

ASN16276 (OVH, FR)
PTR: main.rd-worker.de

mails.beste-sales24.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.219.171.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.91.4.46.clients.your-server.de

ph365.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	amazonaws.com s3.eu-central-1.amazonaws.com	279 KB
2	beste-sales24.de mails.beste-sales24.de	7 KB
1	ph365.de ph365.de — Cisco Umbrella Rank: 731382	304 B
9	3

	Domain	Requested by
6	s3.eu-central-1.amazonaws.com	mails.beste-sales24.de
2	mails.beste-sales24.de	mails.beste-sales24.de
1	ph365.de	mails.beste-sales24.de
9	3

This site contains no links.

Subject Issuer	Validity	Valid
mails.beste-sales24.de R3	`2022-06-24` - `2022-09-22`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon	`2021-12-09` - `2022-12-06`	a year	crt.sh
*.ph365.de AlphaSSL CA - SHA256 - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg
Frame ID: DD3312D79593B4857291B861A0D48261
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

286 kB
Transfer

317 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Show response mails.beste-sales24.de/siof5/	40 KB 6 KB	167ms 141ms	Document text/html	54.36.234.44 OVH
General Check archive.org Show headers Download Go to Full URL https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 54.36.234.44 , France, ASN16276 (OVH, FR), Reverse DNS main.rd-worker.de Software Apache/2.4.29 (Ubuntu) / Resource Hash `41305aedbc79a7a31f5f399afd2c0816a5845f75dee5ab7f55b69c20e5e3bb31` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, authorization,collective,Cache-Control,x-requested-with,Connection,Content-Length,Content-Type Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 5814 Content-Type text/html; charset=UTF-8 Date Mon, 15 Aug 2022 20:46:53 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding
GET H/1.1	200 OK	14354.jpg s3.eu-central-1.amazonaws.com/z2img/670/	113 KB 113 KB	53ms 24ms	Image image/jpeg	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14354.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `bab8ea9b6898b0cc46be05c46218d0b6afc8e06867dbc58195061b811e53e79e` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:41 GMT Server AmazonS3 x-amz-request-id Q4GK8A1228QVHQK8 ETag "d7e080d36236c0860702758323af754d" Content-Type image/jpeg Accept-Ranges bytes Content-Length 115390 x-amz-id-2 lPCcipeEOs1IYYhKODSxULS6MbAkhyQCJi6w/tY2d3fyhNUD1NW2b2rrGSXrkqaTg8aLP0DJ6h4=
GET H/1.1	200 OK	14355.jpg s3.eu-central-1.amazonaws.com/z2img/670/	86 KB 86 KB	53ms 25ms	Image image/jpeg	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14355.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `b782767a94dfef8d103253c3190e69ed2ce98955f7ab5cd574e866ab19286de9` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:41 GMT Server AmazonS3 x-amz-request-id Q4GY1FXXAJHF1482 ETag "812af84c6e10fd4eea73bd89f9039c53" Content-Type image/jpeg Accept-Ranges bytes Content-Length 88117 x-amz-id-2 umYnAmBIurbrP2SFuqg/1WmVsaq+d9aq4Q0nP9QWMkuIQVKpTxJlyCPO9IQEmgH87GF+qnlHnn4=
GET H/1.1	200 OK	14356.png s3.eu-central-1.amazonaws.com/z2img/670/	267 B 623 B	39ms 23ms	Image image/png	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14356.png Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `2428bd1ab0607b8aed68edb7ba7ff727b2671c52583989c57467ea0ab6665d27` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:42 GMT Server AmazonS3 x-amz-request-id Q4GH00B5ERRYRT9V ETag "99e23f81728087cc4626df9df66f127e" Content-Type image/png Accept-Ranges bytes Content-Length 267 x-amz-id-2 9XjFAZzebGNBbJHxfhyhKjn0AVu8lMbRhXF6ywC4Af+pCCQThHi+ZlhQc2opQADImJlx6vlN0B8=
GET H/1.1	200 OK	14357.jpg s3.eu-central-1.amazonaws.com/z2img/670/	77 KB 77 KB	52ms 36ms	Image image/jpeg	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14357.jpg Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `680dc3bad6556b7432c9860714970da12056550cb3d14d70bdf883e4e2085ce9` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:42 GMT Server AmazonS3 x-amz-request-id Q4GWW8V238CCQFDT ETag "6fcf89d924a3e2709c1e52bbc6eac166" Content-Type image/jpeg Accept-Ranges bytes Content-Length 78619 x-amz-id-2 +kKgIycqRBdVL95HUPKTZpFyNWjzWlrH5AQdARZt01eWgikPxKQ/jcapCKFzrnm3YbWF9j6TX50=
GET H/1.1	200 OK	14358.png s3.eu-central-1.amazonaws.com/z2img/670/	1 KB 2 KB	39ms 22ms	Image image/png	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14358.png Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `b48b7a013d0c2eec176ac2ea7bcdf82d55a0513943cc3352e6e1269658f96d6f` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:42 GMT Server AmazonS3 x-amz-request-id Q4GT9K86RKV2FGY7 ETag "cd0918a2db159b7393ad4843a349b497" Content-Type image/png Accept-Ranges bytes Content-Length 1359 x-amz-id-2 jsCK7QXNyb4fK6miHSEA0EYwGUTgAmNQDWyevMl61YNcg8qgrbVdhvjJ04iGp1ecSNiVcMW94nk=
GET H/1.1	200 OK	14359.gif s3.eu-central-1.amazonaws.com/z2img/670/	43 B 398 B	37ms 20ms	Image image/gif	52.219.171.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.eu-central-1.amazonaws.com/z2img/670/14359.gif Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.171.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS s3.eu-central-1.amazonaws.com Software AmazonS3 / Resource Hash `548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:54 GMT Last-Modified Mon, 25 Jul 2022 11:35:42 GMT Server AmazonS3 x-amz-request-id Q4GM3SARK12RQ2H5 ETag "df3e567d6f16d040326c7a0ea29a4f41" Content-Type image/gif Accept-Ranges bytes Content-Length 43 x-amz-id-2 L4K1GbY6cUUubqzgL30efpwvSTWZxlrnoVqIqvoaLgA1zQprhs+CVP+ugcKikFV3GBgcxsDitt4=
GET H/1.1	200 OK	pixel ph365.de/	43 B 304 B	66ms 14ms	Image image/gif	46.4.91.100 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ph365.de/pixel?tid=33382 Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.4.91.100 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.100.91.4.46.clients.your-server.de Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.34 / PHP/7.2.34 Resource Hash `aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 20:46:53 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.2.34 Connection Keep-Alive X-Powered-By PHP/7.2.34 Content-Length 43 Keep-Alive timeout=5, max=100 Content-Type image/gif
GET H/1.1	200 OK	6tHPk0egUdvNS0ONT0KdSsWtS0GNTqKdUY4WTtqdUcjdk.gif mails.beste-sales24.de/ZZmeG/	59 B 621 B	31ms 30ms	Image image/gif	54.36.234.44 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://mails.beste-sales24.de/ZZmeG/6tHPk0egUdvNS0ONT0KdSsWtS0GNTqKdUY4WTtqdUcjdk.gif Requested by Host: mails.beste-sales24.de URL: https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 54.36.234.44 , France, ASN16276 (OVH, FR), Reverse DNS main.rd-worker.de Software Apache/2.4.29 (Ubuntu) / Resource Hash `6d7cb2009d8d7f9eddd6d52fc49c7142d7290a36a77022537eb369459c0d0399` Request headers accept-language de-DE,de;q=0.9 Referer https://mails.beste-sales24.de/siof5/2xDTg4WlQhrBO4KRP4GhOwSxO4CRPuGhQ200PxmhQgfhg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Pragma no-cache Date Mon, 15 Aug 2022 20:46:53 GMT Server Apache/2.4.29 (Ubuntu) Access-Control-Allow-Methods GET, POST, PATCH, PUT, DELETE, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Access-Control-Allow-Headers Origin, Content-Type, X-Auth-Token, authorization,collective,Cache-Control,x-requested-with,Connection,Content-Length,Content-Type Content-Length 59 Keep-Alive timeout=5, max=99 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mails.beste-sales24.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: ttc89mb55mp4ih0fn6vkbf3ikt

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mails.beste-sales24.de
ph365.de
s3.eu-central-1.amazonaws.com
46.4.91.100
52.219.171.129
54.36.234.44
2428bd1ab0607b8aed68edb7ba7ff727b2671c52583989c57467ea0ab6665d27
41305aedbc79a7a31f5f399afd2c0816a5845f75dee5ab7f55b69c20e5e3bb31
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
680dc3bad6556b7432c9860714970da12056550cb3d14d70bdf883e4e2085ce9
6d7cb2009d8d7f9eddd6d52fc49c7142d7290a36a77022537eb369459c0d0399
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b48b7a013d0c2eec176ac2ea7bcdf82d55a0513943cc3352e6e1269658f96d6f
b782767a94dfef8d103253c3190e69ed2ce98955f7ab5cd574e866ab19286de9
bab8ea9b6898b0cc46be05c46218d0b6afc8e06867dbc58195061b811e53e79e

mails.beste-sales24.de Open in urlscan Pro 54.36.234.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

286 kBTransfer

317 kBSize

1 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Indicators

mails.beste-sales24.de Open in urlscan Pro
54.36.234.44 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

286 kB
Transfer

317 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions