crm.userfreunde.de Open in urlscan Pro
2a01:4f8:d0a:439a::2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://crm.userfreunde.de/
Effective URL:
https://crm.userfreunde.de/install.php
Submission: On November 30 via automatic, source certstream-suspicious (November 30th 2022, 1:32:01 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 2a01:4f8:d0a:439a::2, located in Germany and belongs to HETZNER-AS, DE. The main domain is crm.userfreunde.de.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time crm.userfreunde.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 11	2a01:4f8:d0a:... 2a01:4f8:d0a:439a::2		24940 (HETZNER-AS) (HETZNER-AS)
10	2

11 2a01:4f8:d0a:439a::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

crm.userfreunde.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	userfreunde.de 1 redirects crm.userfreunde.de	83 KB
10	1

	Domain	Requested by
11	crm.userfreunde.de	1 redirects crm.userfreunde.de
10	1

This site contains links to these domains. Also see Links.

Domain
www.1crm.com

Subject Issuer	Validity	Valid
crm.userfreunde.de R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crm.userfreunde.de/install.php
Frame ID: BD8F663F2F4804FDC68BDE9C59F74133
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1CRM Setup Assistent

Page URL History Show full URLs

https://crm.userfreunde.de/ HTTP 302
https://crm.userfreunde.de/install.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

83 kB
Transfer

317 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.1crm.com/

Search URL Search Domain Scan URL

URL: https://www.1crm.com/wp-content/uploads/2014/02/1CRM_8.0_Implementation_Guide.pdf
Title: Implementation Guide

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://crm.userfreunde.de/ HTTP 302
https://crm.userfreunde.de/install.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request install.php Show response crm.userfreunde.de/ Redirect Chain https://crm.userfreunde.de/ https://crm.userfreunde.de/install.php	4 KB 2 KB	119ms 118ms	Document text/html	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `6c4a1b48c8bfa2bcfd44852e264ada25b0d9a2117f9df534781c4f2eb0bd6c94` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10 content-encoding br content-length 1467 content-type text/html; charset=utf-8 date Wed, 30 Nov 2022 13:31:57 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding x-mod-pagespeed 1.13.35.2-0 Redirect headers content-length 0 content-type text/html; charset=utf-8 date Wed, 30 Nov 2022 13:31:57 GMT location install.php server Apache
GET H2	200	base.css crm.userfreunde.de/themes/Default/	147 KB 22 KB	36ms 34ms	Stylesheet text/css	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/themes/Default/base.css?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `9fbf638c87a958fe68e8836ab5e2e9241bc5f5b4ef976cb5718bf54a7f821050` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:23:06 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 21832
GET H2	200	login.css crm.userfreunde.de/themes/Default/	4 KB 1 KB	14ms 12ms	Stylesheet text/css	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/themes/Default/login.css?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `be8e2766b7f13288fff262b1e25898af0e11defa3bef482f1e4bda53e4ffadd4` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:23:04 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1072
GET H2	200	install.css crm.userfreunde.de/install/	2 KB 920 B	26ms 25ms	Stylesheet text/css	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/install/install.css?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `d40e705b54aa61a8d84db58cd14a5cfef38b518e94d24a1ea90736e98c73cfb5` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:20:26 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 865
GET H2	200	base.js Show response crm.userfreunde.de/include/javascript/	105 KB 26 KB	38ms 37ms	Script application/javascript	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/include/javascript/base.js?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `16c6d640eda1d3a300069941a6e45eb820dc25497a475160bbfdadcd734ca7ad` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:20:22 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 26114
GET H2	200	conn.js Show response crm.userfreunde.de/include/javascript/	26 KB 7 KB	27ms 26ms	Script application/javascript	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/include/javascript/conn.js?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `324c5b19a90c976a84d54ae74b4f8acb99a8f5c024456f8c9c54797ab6eac06f` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:20:22 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 6843
GET H2	200	lightweight.js Show response crm.userfreunde.de/include/javascript/	1 KB 673 B	26ms 25ms	Script application/javascript	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/include/javascript/lightweight.js?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `e726081650e4ead7e167d552eaea341ca7951db09dc965e219b3a2d76ab70c06` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:20:20 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 602
GET H2	200	installCommon.js Show response crm.userfreunde.de/install/	4 KB 1 KB	26ms 25ms	Script application/javascript	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/install/installCommon.js?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `58b56aaebeccde97cd5bd64b572b11e04610a57311698eefb21003f97f44feac` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT content-encoding br last-modified Mon, 13 Jun 2022 08:20:26 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1486
GET H2	200	1crm-logo.svg crm.userfreunde.de/include/images/iah/	4 KB 5 KB	10ms 10ms	Image image/svg+xml	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://crm.userfreunde.de/include/images/iah/1crm-logo.svg?s=fbeb6b28bed4652a&c=0 Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/install.php Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `c742a5039c2a12f22a9d42fdb188494fee34ad5bed7eadff5bf47183af5b5c52` Request headers accept-language de-DE,de;q=0.9 Referer https://crm.userfreunde.de/install.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT last-modified Mon, 13 Jun 2022 08:19:28 GMT server Apache accept-ranges bytes content-length 4543 content-type image/svg+xml
GET DATA	200 OK	truncated /	438 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7dc8f4da144aad2ebd8ff17f189c69e1fcddda0f4c530a124cdb821519d9efa4` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	UIBasic-Regular.otf crm.userfreunde.de/themes/Default/	18 KB 19 KB	12ms 10ms	Font font/otf	2a01:4f8:d0a:439a::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://crm.userfreunde.de/themes/Default/UIBasic-Regular.otf Requested by Host: crm.userfreunde.de URL: https://crm.userfreunde.de/themes/Default/base.css?s=fbeb6b28bed4652a&c=0 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 2a01:4f8:d0a:439a::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software Apache / Resource Hash `11628edf7ca0f68b01bcd68c05614789927ec17ee43bb87296c57f66438c9d1f` Request headers Referer https://crm.userfreunde.de/themes/Default/base.css?s=fbeb6b28bed4652a&c=0 Origin https://crm.userfreunde.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 30 Nov 2022 13:31:57 GMT cache-control s-maxage=10 last-modified Mon, 13 Jun 2022 08:23:04 GMT server Apache accept-ranges bytes content-length 18912 content-type font/otf

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			crm.userfreunde.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: cc465554c87992e76f6b24b8e752ee01

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crm.userfreunde.de
2a01:4f8:d0a:439a::2
11628edf7ca0f68b01bcd68c05614789927ec17ee43bb87296c57f66438c9d1f
16c6d640eda1d3a300069941a6e45eb820dc25497a475160bbfdadcd734ca7ad
324c5b19a90c976a84d54ae74b4f8acb99a8f5c024456f8c9c54797ab6eac06f
58b56aaebeccde97cd5bd64b572b11e04610a57311698eefb21003f97f44feac
6c4a1b48c8bfa2bcfd44852e264ada25b0d9a2117f9df534781c4f2eb0bd6c94
7dc8f4da144aad2ebd8ff17f189c69e1fcddda0f4c530a124cdb821519d9efa4
9fbf638c87a958fe68e8836ab5e2e9241bc5f5b4ef976cb5718bf54a7f821050
be8e2766b7f13288fff262b1e25898af0e11defa3bef482f1e4bda53e4ffadd4
c742a5039c2a12f22a9d42fdb188494fee34ad5bed7eadff5bf47183af5b5c52
d40e705b54aa61a8d84db58cd14a5cfef38b518e94d24a1ea90736e98c73cfb5
e726081650e4ead7e167d552eaea341ca7951db09dc965e219b3a2d76ab70c06

crm.userfreunde.de Open in urlscan Pro 2a01:4f8:d0a:439a::2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

83 kBTransfer

317 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

1 Cookies

Indicators

crm.userfreunde.de Open in urlscan Pro
2a01:4f8:d0a:439a::2 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

83 kB
Transfer

317 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions