URL: https://google.heimedia.de/
Submission Tags: @phishunt_io
Submission: On September 15 via api from ES

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 22 HTTP transactions. The main IP is 62.113.195.111, located in Hamburg, Germany and belongs to TTM, DE. The main domain is google.heimedia.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 14th 2020. Valid for: 3 months.
This is the only time google.heimedia.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
12 | 62.113.195.111 | 47447 (TTM)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 99.86.8.39 | 16509 (AMAZON-02)
2 2 | 104.111.252.234 | 16625 (AKAMAI-AS)
2 4 | 193.238.60.41 | 34624 (MEGASPACE-AS)
1 | 52.94.216.147 | 16509 (AMAZON-02)
2 | 52.95.121.231 | 16509 (AMAZON-02)
1 | 52.94.218.163 | 16509 (AMAZON-02)
Total: 22 requests, 8 IPs
Domain | Requested by
12 | google.heimedia.de | google.heimedia.de
3 | z-eu.amazon-adsystem.com | google.heimedia.de, z-eu.amazon-adsystem.com
2 | ws-eu.amazon-adsystem.com | z-eu.amazon-adsystem.com, ws-eu.assoc-amazon.com
2 | files.check24.net | google.heimedia.de
2 | a.check24.net | 2 redirects
2 | www.awin1.com | 2 redirects
1 | fls-eu.amazon-adsystem.com |
1 | ws-eu.assoc-amazon.com | z-eu.amazon-adsystem.com
1 | www.google.de | google.heimedia.de
Total: 22 requests, 9 subdomains

This site contains links to these domains. Also see Links.

Domain
www.google.de
www.awin1.com
themezee.com
Subject | Issuer | Validity | Valid
google.heimedia.de | Let's Encrypt Authority X3 | 2020-09-14 - 2020-12-13 | 3 months crt.sh
z-eu.amazon-adsystem.com | Amazon | 2020-01-09 - 2021-02-09 | a year crt.sh
*.check24.net | DigiCert SHA2 High Assurance Server CA | 2020-03-16 - 2022-06-16 | 2 years crt.sh
ws-eu.assoc-amazon.com | Amazon | 2020-04-24 - 2021-04-07 | a year crt.sh
fls-eu.amazon-adsystem.com | Amazon | 2020-09-10 - 2021-08-19 | a year crt.sh

This page contains 2 frames:

Primary Page: https://google.heimedia.de/
Frame ID: 88DE05882BBED93FAF8CAC91A2882DA3
Requests: 22 HTTP requests in this frame

Frame: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&MarketPlace=DE&Operation=GetWidgetFrame&OneJS=1&ad_type=responsive_search_widget&region=DE&marketplace=amazon&tracking_id=digitalaudio&auto_complete=true&org_reco_count=0&axf_treatment=&search_type=search_widget&linkid=&width=740&height=252&default_search_category=&default_search_key=&widgetId=__mobileAssociatesSearchWidget_adunit_0&default_category_html=&default_category_value=&default_category_search=&isresponsive=true&theme=light&bg_color=FFFFFF&slotNum=0&debug=&viewerCountry=ZZ
Frame ID: 90AE6BB43FB42AEAEABA2D03BBF7D853
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 22
HTTPS: 95 %
IPv6: 13 %
Domains: 6
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 456 kB
Size: 489 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.awin1.com/cshow.php?s=2126298&v=9364&q=332981&r=396833 HTTP 302
  • https://a.check24.net/misc/view.php?pid=350&aid=57 HTTP 302
  • https://files.check24.net/ads/57
Request Chain 10
  • https://www.awin1.com/cshow.php?s=2126281&v=9364&q=332976&r=396833 HTTP 302
  • https://a.check24.net/misc/view.php?pid=350&aid=62 HTTP 302
  • https://files.check24.net/ads/62

22 HTTP transactions

Resource | Path | Size | x-fer | Type
Primary Request / | google.heimedia.de/ | 11 KB | 12 KB | Document
General
  Full URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PHP/7.0.33 PleskLin
  Resource Hash: 5bc21b1b80fdbe93158ce6a24b201182e942587e70bd1d3c564b6ad2568ab7f0
Request headers
  Host: google.heimedia.de
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Sec-Fetch-Site: none
  Sec-Fetch-Mode: navigate
  Sec-Fetch-User: ?1
  Sec-Fetch-Dest: document
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US
Response headers
  Server: nginx
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  Content-Type: text/html; charset=UTF-8
  Transfer-Encoding: chunked
  Connection: keep-alive
  X-Powered-By: PHP/7.0.33 PleskLin
  Link: <https://google.heimedia.de/index.php?rest_route=/>; rel="https://api.w.org/", <https://google.heimedia.de/index.php?rest_route=/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://google.heimedia.de/>; rel=shortlink
  MS-Author-Via: DAV

custom-fonts.css | google.heimedia.de/wp-content/themes/zeedynamic/assets/css/ | 2 KB | 3 KB | Stylesheet
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/css/custom-fonts.css?ver=20180413
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 48c02d10a697847118520543d3d3a475e15a735a31876b0f8ec6599f19b8c640
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/css
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 2487
  ETag: "29a0991-9b7-59704c8311e77"

style.min.css | google.heimedia.de/wp-includes/css/dist/block-library/ | 53 KB | 53 KB | Stylesheet
General
  Full URL: https://google.heimedia.de/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Wed, 02 Sep 2020 00:27:55 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/css
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 53907
  ETag: "354131f-d293-5ae49b4fb7374"

style.css | google.heimedia.de/wp-content/themes/zeedynamic/ | 47 KB | 47 KB | Stylesheet
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/style.css?ver=1.7.1
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: df6e01928d1fdb4ff0243502a205104212b0dd7c24aaf3a8ad13843da95ab46e
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/css
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 48051
  ETag: "29a09d2-bbb3-59704c8313db7"

genericons.css | google.heimedia.de/wp-content/themes/zeedynamic/assets/genericons/ | 28 KB | 28 KB | Stylesheet
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/genericons/genericons.css?ver=3.4.1
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/css
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 28266
  ETag: "29a0979-6e6a-59704c83112bf"

jquery.js | google.heimedia.de/wp-includes/js/jquery/ | 95 KB | 95 KB | Script
General
  Full URL: https://google.heimedia.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Tue, 21 May 2019 22:03:27 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/javascript
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 96873
  ETag: "28e0acb-17a69-5896d04c3f65e"

navigation.js | google.heimedia.de/wp-content/themes/zeedynamic/assets/js/ | 5 KB | 6 KB | Script
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/js/navigation.js?ver=20160719
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 5a3ae4ca402874991fdb3a8e38220fcccc6216ff393e8867e62ff72cb1b983e7
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/javascript
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 5463
  ETag: "29a0984-1557-59704c83116a7"

cropped-keyboard-886462_1920-1.jpg | google.heimedia.de/wp-content/uploads/2018/01/ | 28 KB | 28 KB | Image
General
  Full URL: https://google.heimedia.de/wp-content/uploads/2018/01/cropped-keyboard-886462_1920-1.jpg
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 0ea117aea9d725725f1856b7840349c30d7024d99f273e703690833d5d9c5845
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Thu, 25 Jan 2018 15:23:25 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: image/jpeg
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 28298
  ETag: "28e0e45-6e8a-5639b5c6efe77"

Logo_40wht.gif | www.google.de/logos/ | 4 KB | 4 KB | Image
General
  Full URL: http://www.google.de/logos/Logo_40wht.gif
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Server: 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS:
  Software: sffe /
  Resource Hash: 40251830579c42f6d3ea03af4993d31ff649571886bb53d837d68a5e084b5d0e
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0
Request headers
  Referer:
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  X-Content-Type-Options: nosniff
  Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
  Server: sffe
  Content-Type: image/gif
  Cache-Control: private, max-age=31536000
  Accept-Ranges: bytes
  Content-Length: 3845
  X-XSS-Protection: 0
  Expires: Tue, 15 Sep 2020 12:56:06 GMT

q | z-eu.amazon-adsystem.com/widgets/ | 24 KB | 8 KB | Script
General
  Full URL: https://z-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&Marketplace=DE
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 99.86.8.39 Seattle, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-99-86-8-39.fra6.r.cloudfront.net
  Software: Server /
  Resource Hash: 111917b174b29019fa75b6ce8b40ba2c76222cdc92305777f671a6dc74635d6a
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 01:54:02 GMT
  Content-Encoding: gzip
  Age: 39724
  X-Cache: Hit from cloudfront
  Connection: keep-alive
  Content-Length: 7882
  Pragma: Public
  Access-Control-Allow-Origin: *
  Server: Server
  Content-Type: application/javascript;charset=UTF-8
  Via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
  charset: UTF-8
  Cache-Control: public,max-age=86400,s-maxage=86400,no-transform
  X-Amz-Cf-Pop: FRA6-C1
  X-Amz-Cf-Id: 7LkZ7_aLQbZJ4sqGVq94A3ONHWDYdRQalHwc27j6qPvw4Wjjtxckug==
  Expires: Wed, 16 Sep 2020 01:54:02 GMT

57 | files.check24.net/ads/ | 44 KB | 44 KB | Image
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2126298&v=9364&q=332981&r=396833
  • https://a.check24.net/misc/view.php?pid=350&aid=57
  • https://files.check24.net/ads/57
General
  Full URL: https://files.check24.net/ads/57
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 193.238.60.41, Germany, ASN34624 (MEGASPACE-AS, DE)
  Reverse DNS: m1.tarifvergleich.rapidhost.de
  Software: nginx /
  Resource Hash: f833c29ef2b6b25b9ef46c7805e2ebbc8698328e764d57172337ff9e06dbe94c
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  date: Tue, 15 Sep 2020 12:56:07 GMT
  last-modified: Mon, 30 Nov 2015 16:34:17 GMT
  server: nginx
  etag: "565c7a89-ae5e"
  content-type: application/octet-stream
  status: 200
  accept-ranges: bytes
  content-length: 44638
Redirect headers
  status: 302
  date: Tue, 15 Sep 2020 12:56:07 GMT
  server: nginx
  location: https://files.check24.net/ads/57
  content-type: text/html; charset=UTF-8

62 | files.check24.net/ads/ | 44 KB | 45 KB | Image
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2126281&v=9364&q=332976&r=396833
  • https://a.check24.net/misc/view.php?pid=350&aid=62
  • https://files.check24.net/ads/62
General
  Full URL: https://files.check24.net/ads/62
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 193.238.60.41, Germany, ASN34624 (MEGASPACE-AS, DE)
  Reverse DNS: m1.tarifvergleich.rapidhost.de
  Software: nginx /
  Resource Hash: 3e71ae1769eb50a313c003b27b0ed28a091804637a9428a6e16da75b2c5cac35
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  date: Tue, 15 Sep 2020 12:56:07 GMT
  last-modified: Mon, 30 Nov 2015 16:31:50 GMT
  server: nginx
  etag: "565c79f6-b197"
  content-type: application/octet-stream
  status: 200
  accept-ranges: bytes
  content-length: 45463
Redirect headers
  status: 302
  date: Tue, 15 Sep 2020 12:56:07 GMT
  server: nginx
  location: https://files.check24.net/ads/62
  content-type: text/html; charset=UTF-8

wp-embed.min.js | google.heimedia.de/wp-includes/js/ | 1 KB | 2 KB | Script
General
  Full URL: https://google.heimedia.de/wp-includes/js/wp-embed.min.js?ver=5.5.1
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Wed, 01 Apr 2020 00:27:58 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/javascript
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 1434
  ETag: "28e0bbe-59a-5a22fc19345b7"

wp-emoji-release.min.js | google.heimedia.de/wp-includes/js/ | 14 KB | 14 KB | Script
General
  Full URL: https://google.heimedia.de/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Wed, 12 Aug 2020 00:28:30 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/javascript
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 14246
  ETag: "28e0b29-37a6-5aca3445e932b"

open-sans-v15-latin-ext_latin-regular.woff2 | google.heimedia.de/wp-content/themes/zeedynamic/assets/fonts/ | 18 KB | 19 KB | Font
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/fonts/open-sans-v15-latin-ext_latin-regular.woff2
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/css/custom-fonts.css?ver=20180413
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: 557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b
Request headers
  Origin: https://google.heimedia.de
  Referer: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/css/custom-fonts.css?ver=20180413
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/plain
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 18876
  ETag: "29a0970-49bc-59704c8310ed7"

francois-one-v11-latin-ext_latin-regular.woff2 | google.heimedia.de/wp-content/themes/zeedynamic/assets/fonts/ | 25 KB | 25 KB | Font
General
  Full URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/fonts/francois-one-v11-latin-ext_latin-regular.woff2
  Requested by: Host: google.heimedia.de; URL: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/css/custom-fonts.css?ver=20180413
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 62.113.195.111 Hamburg, Germany, ASN47447 (TTM, DE)
  Reverse DNS: server1.heimedia.de
  Software: nginx / PleskLin
  Resource Hash: d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb
Request headers
  Origin: https://google.heimedia.de
  Referer: https://google.heimedia.de/wp-content/themes/zeedynamic/assets/css/custom-fonts.css?ver=20180413
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:06 GMT
  MS-Author-Via: DAV
  Last-Modified: Sun, 10 Nov 2019 21:34:37 GMT
  Server: nginx
  X-Powered-By: PleskLin
  Content-Type: text/plain
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 25240
  ETag: "29a0975-6298-59704c8310ed7"

q | ws-eu.assoc-amazon.com/widgets/ | 21 KB | 6 KB | Script
General
  Full URL: https://ws-eu.assoc-amazon.com/widgets/q?ServiceVersion=20070822&MarketPlace=DE&Operation=GetAdHtml&OneJS=1&slotNum=0&height=auto&placement=adunit&theme=light&tracking_id=digitalaudio&bg_color=FFFFFF&width=auto&ad_type=responsive_search_widget&marketplace=amazon&search_type=search_widget&region=DE&default_search_category=&default_search_key=&jsonp=amzn_assoc_jsonp_callback_adunit_0
  Requested by: Host: z-eu.amazon-adsystem.com; URL: https://z-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&Marketplace=DE
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US)
  Reverse DNS:
  Software: Server /
  Resource Hash: 4f8b117af703680720378874854fb50184561aca4134e0dc8a0ac33cebb7904f
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Tue, 15 Sep 2020 12:56:07 GMT
  Content-Encoding: gzip
  Server: Server
  Vary: User-Agent
  Content-Type: application/javascript;charset=UTF-8
  Access-Control-Allow-Origin: *
  charset: UTF-8
  Cache-Control: must-revalidate
  Connection: close
  Content-Length: 6020
  Expires: -1

truncated | / | 14 KB | 14 KB | Font
General
  Full URL: data:truncated
  Protocol: DATA
  Server: -, , ASN ()
  Reverse DNS:
  Software: /
  Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
Request headers
  Origin: https://google.heimedia.de
  Referer:
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Content-Type: application/x-font-woff;charset=utf-8

q | z-eu.amazon-adsystem.com/widgets/ | 2 KB | 1 KB | Script
General
  Full URL: https://z-eu.amazon-adsystem.com/widgets/q?Operation=SearchBoxJsonP&InstanceId=0&TemplateId=ItemSearchData&ServiceVersion=20070822&MarketPlace=DE&jsonp=searchBoxOptions_0
  Requested by: Host: z-eu.amazon-adsystem.com; URL: https://z-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&Marketplace=DE
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 99.86.8.39 Seattle, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-99-86-8-39.fra6.r.cloudfront.net
  Software: Server /
  Resource Hash: d19c5264d15cc9e6a416be847b43a8feb8593d05a8f6387b40a2b8196ccbae44
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Tue, 15 Sep 2020 12:56:07 GMT
  Content-Encoding: gzip
  Server: Server
  X-Amz-Cf-Pop: FRA6-C1
  X-Cache: Miss from cloudfront
  Content-Type: application/javascript;charset=UTF-8
  Access-Control-Allow-Origin: *
  charset: UTF-8
  Cache-Control: must-revalidate
  Connection: keep-alive
  Content-Length: 651
  Via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
  X-Amz-Cf-Id: LtA2e5XMJNg_N8WR5YsoJN3aThOgUA_rPu872NunqmS5anicWkjvfQ==
  Expires: -1

q | z-eu.amazon-adsystem.com/widgets/ | 2 KB | 1 KB | Script
General
  Full URL: https://z-eu.amazon-adsystem.com/widgets/q?Operation=ProductFinderJsonP&InstanceId=0&TemplateId=ItemSearchData&ServiceVersion=20070822&MarketPlace=DE&jsonp=productFinderOptions_0
  Requested by: Host: z-eu.amazon-adsystem.com; URL: https://z-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&Marketplace=DE
  Protocol: HTTP/1.1
  Security: TLS 1.3, , AES_128_GCM
  Server: 99.86.8.39 Seattle, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-99-86-8-39.fra6.r.cloudfront.net
  Software: Server /
  Resource Hash: af9015bf4a4acd97f3e2db41e0a4c4a5ca1d505da87a8b8d2814779e76d8cd7f
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Tue, 15 Sep 2020 12:56:07 GMT
  Content-Encoding: gzip
  Server: Server
  X-Amz-Cf-Pop: FRA6-C1
  X-Cache: Miss from cloudfront
  Content-Type: application/javascript;charset=UTF-8
  Access-Control-Allow-Origin: *
  charset: UTF-8
  Cache-Control: must-revalidate
  Connection: keep-alive
  Content-Length: 656
  Via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
  X-Amz-Cf-Id: E7U13J7rcJJ4vttuKheCv2M0NYm65QjKkpwxceMpd9DX9HvlbGGtoA==
  Expires: -1

q | ws-eu.amazon-adsystem.com/widgets/ | 8 KB | 3 KB | Script
General
  Full URL: https://ws-eu.amazon-adsystem.com/widgets/q?Operation=GetAsinJsonFirstLoad&InstanceId=0&ResponseCount=10&TemplateId=SearchACAP_Ph4&ServiceVersion=20070822&MarketPlace=DE&asins=&slotNum=0&CategoryRestriction=
  Requested by: Host: z-eu.amazon-adsystem.com; URL: https://z-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&Operation=GetScript&ID=OneJS&WS=1&Marketplace=DE
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 52.95.121.231 Dublin, Ireland, ASN16509 (AMAZON-02, US)
  Reverse DNS:
  Software: Server /
  Resource Hash: f4a722d32e18e35722b393c145d9ec38e8dc3a4ee7494cf0246a80f88ff172c3
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Pragma: no-cache
  Date: Tue, 15 Sep 2020 12:56:07 GMT
  Content-Encoding: gzip
  Server: Server
  Vary: User-Agent
  Content-Type: text/json;charset=UTF-8
  Access-Control-Allow-Origin: *
  charset: UTF-8
  Cache-Control: must-revalidate
  Connection: close
  Content-Length: 2667
  Expires: -1

q | ws-eu.amazon-adsystem.com/widgets/ Frame 90AE | 0 | 0 | Document
General
  Full URL: https://ws-eu.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&MarketPlace=DE&Operation=GetWidgetFrame&OneJS=1&ad_type=responsive_search_widget&region=DE&marketplace=amazon&tracking_id=digitalaudio&auto_complete=true&org_reco_count=0&axf_treatment=&search_type=search_widget&linkid=&width=740&height=252&default_search_category=&default_search_key=&widgetId=__mobileAssociatesSearchWidget_adunit_0&default_category_html=&default_category_value=&default_category_search=&isresponsive=true&theme=light&bg_color=FFFFFF&slotNum=0&debug=&viewerCountry=ZZ
  Requested by: Host: ws-eu.assoc-amazon.com; URL: https://ws-eu.assoc-amazon.com/widgets/q?ServiceVersion=20070822&MarketPlace=DE&Operation=GetAdHtml&OneJS=1&slotNum=0&height=auto&placement=adunit&theme=light&tracking_id=digitalaudio&bg_color=FFFFFF&width=auto&ad_type=responsive_search_widget&marketplace=amazon&search_type=search_widget&region=DE&default_search_category=&default_search_key=&jsonp=amzn_assoc_jsonp_callback_adunit_0
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 52.95.121.231 Dublin, Ireland, ASN16509 (AMAZON-02, US)
  Reverse DNS:
  Software: Server /
  Resource Hash:
Request headers
  Host: ws-eu.amazon-adsystem.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  Sec-Fetch-Site: cross-site
  Sec-Fetch-Mode: navigate
  Sec-Fetch-Dest: iframe
  Referer: https://google.heimedia.de/
  Accept-Encoding: gzip, deflate, br
  Accept-Language: en-US
Response headers
  Date: Tue, 15 Sep 2020 12:56:07 GMT
  Server: Server
  Content-Encoding: gzip
  Cache-Control: must-revalidate
  Pragma: no-cache
  Expires: -1
  charset: UTF-8
  Access-Control-Allow-Origin: *
  Vary: User-Agent
  Connection: close
  Transfer-Encoding: chunked
  Content-Type: text/html;charset=UTF-8

cm_:onejs_load_evt@v=582,onejs_exec_time@v=2,adhtml_load_time@v=262,adhtml_load_time_responsive_search_widget@v=262,wdgt_load_time@v=3225,wdgt_load_time_undefined@v=3225,wdgt_load_time_responsive_s... | fls-eu.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ | 0 | 146 B | Image
General
  Full URL: https://fls-eu.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=582,onejs_exec_time@v=2,adhtml_load_time@v=262,adhtml_load_time_responsive_search_widget@v=262,wdgt_load_time@v=3225,wdgt_load_time_undefined@v=3225,wdgt_load_time_responsive_search_widget@v=3225,wdgt_load_time_doc_load@v=1723,wdgt_load_time_doc_load_responsive_search_widget@v=1723,wdgt_load_time_invoke@v=2643,wdgt_load_time_invoke_responsive_search_widget@v=2642?marketplace=GB&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=A1F83G8C2ARO7P&requestId=b352bb3e-9cac-419c-b89a-a1371503d9ad&session=9de313ba-ed1e-43e4-9785-431ba4b48fff
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
  Server: 52.94.218.163 Dublin, Ireland, ASN16509 (AMAZON-02, US)
  Reverse DNS:
  Software: /
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Request headers
  Referer: https://google.heimedia.de/
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Response headers
  Date: Tue, 15 Sep 2020 12:56:09 GMT
  x-amzn-RequestId: 4f337f97-7b1e-4aef-a745-bad208501b81
  Content-Type: text/plain

Verdicts & Comments

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| _wpemojiSettings
undefined| $
function| jQuery
string| zeedynamic_menu_title
object| twemoji
object| wp
function| amazon_assoc_ir_f_call_associates_ads
function| amazon_assoc_ir_f_call
function| amzn_assoc_ad_spec_type
object| amzn_assoc_ad_spec
object| amzn_assoc_ad_async_spec
object| adUnitDeliveryNetwork
object| slotCounter
function| cmManager
object| amzn_assoc_cm
function| amzn_assoc_enable_abs
boolean| amzn_assoc_internal_params
object| assocUtilsMaker
function| amzn_assoc_utils
object| nativeAdLayoutComputer
object| amzn_assoc_ad
object| amzn_assoc_jsonp_callback_adunit_0
function| amzn_assoc_client_cb_0
function| searchAcapRunTimeInit
function| searchBoxOptions_0
function| productFinderOptions_0
function| first_load_callback_0
function| __maSwMainListener

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.check24.net
files.check24.net
fls-eu.amazon-adsystem.com
google.heimedia.de
ws-eu.amazon-adsystem.com
ws-eu.assoc-amazon.com
www.awin1.com
www.google.de
z-eu.amazon-adsystem.com
104.111.252.234
193.238.60.41
2a00:1450:4001:81b::2003
52.94.216.147
52.94.218.163
52.95.121.231
62.113.195.111
99.86.8.39