URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Submission Tags: falconsandbox
Submission: On April 16 via api from US

Summary

This website contacted 15 IPs in 8 countries across 18 domains to perform 22 HTTP transactions. The main IP is 91.201.42.238, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, Moscow, Russia, RU. The main domain is henkana1972.zzux.com.
This is the only time henkana1972.zzux.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 91.201.42.238 210079 (EUROBYTE ...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a01:488:42:1... 20773 (GODADDY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 85.13.131.27 34788 (NMM-AS D)
1 34.90.49.24 15169 (GOOGLE)
1 1 104.18.14.176 13335 (CLOUDFLAR...)
1 2 217.26.53.221 29097 (HOSTPOINT-AS)
1 2600:3c02:1::... 63949 (LINODE-AP...)
1 185.30.32.204 48324 (DE-WEBGO ...)
2 3 78.47.92.38 24940 (HETZNER-AS)
1 45.207.95.115 136800 (XIAOZHIYU...)
1 35.214.108.164 15169 (GOOGLE)
1 1 184.168.131.241 26496 (AS-26496-...)
1 159.69.43.175 24940 (HETZNER-AS)
1 2 2a00:1158:100... 8972 (GD-EMEA-D...)
22 15
Domain Requested by
3 gws2.de 1 redirects henkana1972.zzux.com
2 www.formularbox.de 1 redirects henkana1972.zzux.com
2 www.top50spiele.de 1 redirects henkana1972.zzux.com
2 www.unterstufe.ch 1 redirects henkana1972.zzux.com
2 i.pinimg.com henkana1972.zzux.com
2 maxcdn.bootstrapcdn.com henkana1972.zzux.com
maxcdn.bootstrapcdn.com
1 www.fawntastique.com henkana1972.zzux.com
1 adirondackweathersite.com 1 redirects
1 www.knobeln-online.info henkana1972.zzux.com
1 losgringosdr.com henkana1972.zzux.com
1 top50spiele.de 1 redirects
1 www.vordruck-vorlage.de henkana1972.zzux.com
1 the20weekscampaign.org henkana1972.zzux.com
1 s-media-cache-ak0.pinimg.com 1 redirects
1 www.xobbu.com henkana1972.zzux.com
1 www.runterwegs.de henkana1972.zzux.com
1 henkana1972.zzux.com
0 deaddropnyc.com Failed henkana1972.zzux.com
0 izaakwaltoncresswell.com Failed henkana1972.zzux.com
0 techno.datesite.online Failed henkana1972.zzux.com
22 20

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year
gws2.de | R3 | 2021-03-07 - 2021-06-05 | 3 months
*.pinimg.com | DigiCert SHA2 High Assurance Server CA | 2020-05-28 - 2021-06-14 | a year
runterwegs.de | R3 | 2021-02-16 - 2021-05-17 | 3 months
www.xobbu.com | R3 | 2021-03-06 - 2021-06-04 | 3 months
www.unterstufe.ch | R3 | 2021-03-15 - 2021-06-13 | 3 months
www.vordruck-vorlage.de | R3 | 2021-03-19 - 2021-06-17 | 3 months
top50spiele.de | R3 | 2021-03-23 - 2021-06-21 | 3 months
knobeln-online.info | R3 | 2021-03-17 - 2021-06-15 | 3 months
fawntastique.com | R3 | 2021-04-11 - 2021-07-10 | 3 months
www.formularbox.de | Starfield Secure Certificate Authority - G2 | 2020-08-19 - 2021-08-23 | a year

This page contains 1 frames:

Primary Page: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Frame ID: 946E3DCEED1CE5B92EF815A548B015B5
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Page Statistics

22 Requests
64 % HTTPS
31 % IPv6
18 Domains
20 Subdomains
15 IPs
8 Countries
419 kB Transfer
447 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://gws2.de/px/model_kniffel.jpg HTTP 301
  • https://gws2.de/px/model_kniffel.jpg
Request Chain 9
  • https://s-media-cache-ak0.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg HTTP 301
  • https://i.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
Request Chain 10
  • http://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif HTTP 301
  • https://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
Request Chain 14
  • http://top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg HTTP 301
  • http://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg HTTP 301
  • https://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
Request Chain 17
  • https://adirondackweathersite.com/wp-content/uploads/2018/08/Kniffel-Vorlage-F39c3b63b51897bb617fec4defadbd27-1-Orig-1.jpg HTTP 301
  • https://www.fawntastique.com/hochzeitskollektion-koennen-wir/
Request Chain 19
  • http://www.formularbox.de/media/itemprev/kniffel.jpg HTTP 301
  • https://www.formularbox.de/media/itemprev/kniffel.jpg

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Kniffel-spielzettel-download.html
henkana1972.zzux.com/
21 KB
5 KB
Document
General
Full URL
http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Server
91.201.42.238 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, Moscow, Russia, RU),
Reverse DNS
maxim.biz
Software
nginx/1.15.12 /
Resource Hash
bc28cf9813ac363a3ff9bb0ba23878ae1924040a20469b3f20dbe2ecf5b09a5c

Request headers

Host
henkana1972.zzux.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.15.12
Date
Fri, 16 Apr 2021 07:08:43 GMT
Content-Type
text/html; charset=utf-8
Last-Modified
Fri, 26 Apr 2019 03:16:43 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5cc2781b-536c"
Content-Encoding
gzip
reset.css
techno.datesite.online/style/
0
0

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
3152118
cdn-cachedat
2021-03-10 20:26:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097b166d380000d6f92d3a9000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
0dc81c37a905721b06c3ccd8a56f8d16
cf-ray
640b8cf52f9ed6f9-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
styles.css
techno.datesite.online/style/
0
0

engine.css
techno.datesite.online/style/
0
0

prev_kniffel1.jpg
gws2.de/px/
14 KB
14 KB
Image
General
Full URL
https://gws2.de/px/prev_kniffel1.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:488:42:1000:50ed:84a7:ffa9:fbec , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
Apache /
Resource Hash
0bb45ea2cc1b03aa40b417c9de00f634b37452a09151b9849281bea5621c0edc

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Fri, 16 Apr 2021 07:02:53 GMT
Referrer-Policy
Last-Modified
Fri, 08 Aug 2014 15:20:43 GMT
Server
Apache
ETag
"382c-5001fbfa808c0"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14380
Expires
Sat, 16 Apr 2022 07:02:53 GMT
model_kniffel.jpg
gws2.de/px/
Redirect Chain
  • http://gws2.de/px/model_kniffel.jpg
  • https://gws2.de/px/model_kniffel.jpg
39 KB
39 KB
Image
General
Full URL
https://gws2.de/px/model_kniffel.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:488:42:1000:50ed:84a7:ffa9:fbec , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software
Apache /
Resource Hash
6870485e293225bf08d77e6df94983ba14f73b8780bb00f0bc5567e02e66b04e

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Fri, 16 Apr 2021 07:02:53 GMT
Referrer-Policy
Last-Modified
Fri, 08 Aug 2014 15:21:06 GMT
Server
Apache
ETag
"9b96-5001fc106fc80"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39830
Expires
Sat, 16 Apr 2022 07:02:53 GMT

Redirect headers

Date
Fri, 16 Apr 2021 07:02:53 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://gws2.de/px/model_kniffel.jpg
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
244
Expires
Fri, 16 Apr 2021 08:02:52 GMT
b3bfa67db05845fa0b3f767b57cb83bb.jpg
i.pinimg.com/originals/b3/bf/a6/
12 KB
13 KB
Image
General
Full URL
https://i.pinimg.com/originals/b3/bf/a6/b3bfa67db05845fa0b3f767b57cb83bb.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655e05311788613ca0d0bd7a2dc9efcec4bd9251fc02c36045eb9709c61b8a8a

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
etag
"111e27f7043f09be8cfd77783667f974"
cf-bgj
h2pri
x-cdn
cloudflare
edge-start
100
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
640b8cf53e0f4a6d-FRA
content-length
12646
cf-request-id
097b166d3f00004a6d600ce000000001
server
cloudflare
origin-latency
100
Kniffel.jpg
www.runterwegs.de/wp-content/uploads/2016/11/
0
0
Image
General
Full URL
https://www.runterwegs.de/wp-content/uploads/2016/11/Kniffel.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.13.131.27 Neusalza-Spremberg, Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd32338.kasserver.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Kniffel-Vorlage-Excel-Download.jpg
www.xobbu.com/wp-content/uploads/2015/09/
104 KB
105 KB
Image
General
Full URL
https://www.xobbu.com/wp-content/uploads/2015/09/Kniffel-Vorlage-Excel-Download.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.90.49.24 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
24.49.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23e676ed16db2d5a3eeef739e1c9fc5c3963a49c1e96be652d72187d8281193d

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
last-modified
Tue, 22 Sep 2015 00:00:00 GMT
server
nginx
etag
"56009a00-1a1f7"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
106999
expires
Sat, 16 Apr 2022 07:02:53 GMT
d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
i.pinimg.com/736x/d2/df/c1/
Redirect Chain
  • https://s-media-cache-ak0.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
  • https://i.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
60 KB
61 KB
Image
General
Full URL
https://i.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aefe18c4e8ba91b9a84392c4a50092d00d9e3f5d1d2c9b7e882f84f9d5c3daca

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
etag
"4527cb2947fc388411e8fe3fb2b96ced"
x-cdn
cloudflare
edge-start
7
vary
Origin, Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
cf-ray
640b8cf759ed4a6d-FRA
content-length
61845
cf-request-id
097b166e9400004a6d54b15000000001
server
cloudflare
origin-latency
7

Redirect headers

date
Fri, 16 Apr 2021 07:02:53 GMT
x-cdn
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://i.pinimg.com/736x/d2/df/c1/d2dfc17875a8c4da70c47de209e5030b--organisation.jpg
cf-ray
640b8cf73d09b689-LUX
content-length
0
cf-request-id
097b166e840000b6893b38c000000001
server
cloudflare
z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
www.unterstufe.ch/angebote/bsp_pics/
Redirect Chain
  • http://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
  • https://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
16 KB
16 KB
Image
General
Full URL
https://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.53.221 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl208.web.hostpoint.ch
Software
Apache /
Resource Hash
24e64e634dd43db3cddf423addd42f061acbfd8552df9619e2cf964baa0d0c92

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
last-modified
Thu, 03 Jun 2010 06:03:36 GMT
server
Apache
accept-ranges
bytes
etag
"4041-48819f792de00"
content-length
16449
content-type
image/gif

Redirect headers

Location
https://www.unterstufe.ch/angebote/bsp_pics/z-1-3kl-kniffel_vorlage_fuer_protokoll-ID_18232.gif
Date
Fri, 16 Apr 2021 07:02:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
303
Content-Type
text/html; charset=iso-8859-1
Kniffel-Vorlage-Abrechnung-Kniffel.jpg
the20weekscampaign.org/wp-content/uploads/2018/09/
0
0
Image
General
Full URL
http://the20weekscampaign.org/wp-content/uploads/2018/09/Kniffel-Vorlage-Abrechnung-Kniffel.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.0
Server
2600:3c02:1::2d4f:f40e , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

kniffel-vorlage.jpg
www.vordruck-vorlage.de/wp-content/uploads/2007/09/
38 KB
38 KB
Image
General
Full URL
https://www.vordruck-vorlage.de/wp-content/uploads/2007/09/kniffel-vorlage.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.30.32.204 , Germany, ASN48324 (DE-WEBGO www.webgo.de, DE),
Reverse DNS
s204.goserver.host
Software
nginx /
Resource Hash
a2611dd708a43b656f847086a49088bdcf8e1ba9225a84adbecdac9fd0ebfbe6

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
last-modified
Fri, 18 Dec 2020 13:27:02 GMT
server
nginx
accept-ranges
bytes
etag
"9760-5b6bd104f2708"
content-length
38752
content-type
image/jpeg
Kniffel-Vorlage-Spielblock-1.jpg
izaakwaltoncresswell.com/wp-content/uploads/2018/08/
0
0

Kniffel_www.top50spiele.de.jpg
www.top50spiele.de/out/media/
Redirect Chain
  • http://top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
  • http://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
  • https://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
0
0
Image
General
Full URL
https://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
78.47.92.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.38.92.47.78.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Location
https://www.top50spiele.de/out/media/Kniffel_www.top50spiele.de.jpg
Date
Fri, 16 Apr 2021 07:02:53 GMT
Server
nginx/1.19.2
Connection
keep-alive
Content-Length
169
Content-Type
text/html
Kniffel-Vorlagen-Kniffel-Download-Abrechnung-Kniffel-1.jpg
losgringosdr.com/wp-content/uploads/2018/10/
5 KB
5 KB
Image
General
Full URL
http://losgringosdr.com/wp-content/uploads/2018/10/Kniffel-Vorlagen-Kniffel-Download-Abrechnung-Kniffel-1.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Server
45.207.95.115 , Hong Kong, ASN136800 (XIAOZHIYUN1-AS-AP ICIDC NETWORK, US),
Reverse DNS
Software
Nginx Microsoft-HTTPAPI/2.0 / Nginx
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 07:02:52 GMT
Content-Encoding
gzip
Server
Nginx Microsoft-HTTPAPI/2.0
X-Powered-By
Nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
knobel-blatt-vorlage-vorschau.jpg
www.knobeln-online.info/images/stories/
24 KB
24 KB
Image
General
Full URL
https://www.knobeln-online.info/images/stories/knobel-blatt-vorlage-vorschau.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.108.164 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
164.108.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a6b8b7a33ba90eeeaa74bc54677f2fe883c823d56f304b67a5b4b7ac6113d40

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:54 GMT
last-modified
Mon, 13 Jul 2015 10:26:00 GMT
server
nginx
etag
"55a39238-5ef1"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
24305
expires
Sat, 16 Apr 2022 07:02:54 GMT
/
www.fawntastique.com/hochzeitskollektion-koennen-wir/
Redirect Chain
  • https://adirondackweathersite.com/wp-content/uploads/2018/08/Kniffel-Vorlage-F39c3b63b51897bb617fec4defadbd27-1-Orig-1.jpg
  • https://www.fawntastique.com/hochzeitskollektion-koennen-wir/
0
0
Image
General
Full URL
https://www.fawntastique.com/hochzeitskollektion-koennen-wir/
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
159.69.43.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.175.43.69.159.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location
https://www.fawntastique.com/hochzeitskollektion-koennen-wir/
date
Fri, 16 Apr 2021 07:02:53 GMT
server
nginx/1.16.1
content-type
text/html; charset=utf-8
31524177989857-Image450x352.jpg
deaddropnyc.com/wp-content/uploads/2018/08/
0
0

kniffel.jpg
www.formularbox.de/media/itemprev/
Redirect Chain
  • http://www.formularbox.de/media/itemprev/kniffel.jpg
  • https://www.formularbox.de/media/itemprev/kniffel.jpg
28 KB
28 KB
Image
General
Full URL
https://www.formularbox.de/media/itemprev/kniffel.jpg
Requested by
Host: henkana1972.zzux.com
URL: http://henkana1972.zzux.com/Kniffel-spielzettel-download.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1158:1000:406::d4 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
dc14a4c51a21f14a62e289342ee65b06d97c59ef965f4aff710d08afbb15066a

Request headers

Referer
http://henkana1972.zzux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 07:02:53 GMT
Last-Modified
Fri, 04 Sep 2015 14:19:28 GMT
Server
Apache
ETag
"700f-51eec9666fc00"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28687
Expires
Sun, 16 May 2021 07:02:53 GMT

Redirect headers

Date
Fri, 16 Apr 2021 07:02:53 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://www.formularbox.de/media/itemprev/kniffel.jpg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
261
Expires
Sun, 16 May 2021 07:02:53 GMT
fontawesome-webfont.woff
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/
64 KB
65 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
http://henkana1972.zzux.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:02:53 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
722, 617, 617
access-control-allow-origin
*
cdn-cachedat
2021-04-16 09:00:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
cf-request-id
097b166e120000073e3b054000000001
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2e15d3d0e73dfd2fc16d6535d015db15
accept-ranges
bytes
cf-ray
640b8cf68cd6073e-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
techno.datesite.online
URL
http://techno.datesite.online/style/reset.css
Domain
techno.datesite.online
URL
http://techno.datesite.online/style/styles.css
Domain
techno.datesite.online
URL
http://techno.datesite.online/style/engine.css
Domain
izaakwaltoncresswell.com
URL
https://izaakwaltoncresswell.com/wp-content/uploads/2018/08/Kniffel-Vorlage-Spielblock-1.jpg
Domain
deaddropnyc.com
URL
http://deaddropnyc.com/wp-content/uploads/2018/08/31524177989857-Image450x352.jpg

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • string| b

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
