email.dashoefer.de - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 217.175.192.43, located in Austria and belongs to NEXTLAYER-AS, AT. The main domain is email.dashoefer.de.
TLS certificate: Issued by R3 on April 24th 2022. Valid for: 3 months.

This is the only time email.dashoefer.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	217.175.192.43 217.175.192.43	1764 (NEXTLAYER-AS) (NEXTLAYER-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 4	5.159.58.60 5.159.58.60	59507 (TLN-AS) (TLN-AS)
7	3

3 217.175.192.43 (Austria)

ASN1764 (NEXTLAYER-AS, AT)

email.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.159.58.60 (Lüneburg, Germany) 1 redirects

ASN59507 (TLN-AS, DE)

static.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gemini.dashoefer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	dashoefer.de 1 redirects email.dashoefer.de static.dashoefer.de gemini.dashoefer.de	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
7	2

	Domain	Requested by
3	email.dashoefer.de	email.dashoefer.de
2	gemini.dashoefer.de	1 redirects email.dashoefer.de
2	static.dashoefer.de	email.dashoefer.de
1	fonts.googleapis.com	email.dashoefer.de
7	4

This site contains no links.

Subject Issuer	Validity	Valid
email.dashoefer.de R3	`2022-04-24` - `2022-07-23`	3 months	crt.sh
dashoefer.de R3	`2022-03-07` - `2022-06-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569
Frame ID: 6F37D4D4278CFC3F951B1D9A4D14E142
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Erfolgreiche Personalgewinnung | Verlag Dashöfer

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

71 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

17 kB
Transfer

27 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://gemini.dashoefer.de/cemopen/pruefbild.php?adresse=4284586&email=kristina.seitz%40heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$ HTTP 302
http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=4284586&email=kristina.seitz@heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request gm.php Show response
email.dashoefer.de/u/ 14 KB
4 KB 470ms
415ms Document
text/html 217.175.192.43
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),

Reverse DNS

Software

nginx /

Resource Hash

88ab4f6b8705f33444f3664b40c18745975cc1a732e66abcc744a203e669aa2a

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 3682
content-security-policy: sandbox allow-popups allow-popups-to-escape-sandbox;
content-type: text/html; charset=utf-8
date: Mon, 16 May 2022 09:17:06 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-af: suite34-web1
x-fe: suite34-web1
x-hf: suite-haproxy01d

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 22ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

261e445df2949562f622153fa6b647d3dad875e365ec61c6a37ca41445256c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 09:17:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 16 May 2022 09:13:17 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 16 May 2022 09:17:06 GMT

GET
H/1.1 404
Not Found &
email.dashoefer.de/u/ 0
0 17ms
17ms Stylesheet
text/html 217.175.192.43
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://email.dashoefer.de/u/&
Requested by: Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK VD_Logo_125x125px.jpg
static.dashoefer.de/images/mailaktion/ 9 KB
9 KB 77ms
17ms Image
image/jpeg 5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dashoefer.de/images/mailaktion/VD_Logo_125x125px.jpg

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

5.159.58.60 Lüneburg, Germany, ASN59507 (TLN-AS, DE),

Reverse DNS

Software

lighttpd/1.4.53 /

Resource Hash

0a70e55fd617f0c14df32c12ed645a7209be0dcaa41e1dd92b5abf645a840cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://www.dashoefer.de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 09:17:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Sep 2018 09:32:49 GMT
Server: lighttpd/1.4.53
ETag: "4121897124"
X-Frame-Options: SAMEORIGIN ALLOW-FROM https://www.dashoefer.de
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 9182
Expires: Wed, 15 Jun 2022 09:17:06 GMT

GET
H/1.1 200
OK u_lambert.gif
static.dashoefer.de/relaunch/images/unterschriften/ 2 KB
2 KB 75ms
15ms Image
image/gif 5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.dashoefer.de/relaunch/images/unterschriften/u_lambert.gif

Requested by

Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

5.159.58.60 Lüneburg, Germany, ASN59507 (TLN-AS, DE),

Reverse DNS

Software

lighttpd/1.4.53 /

Resource Hash

b58e95ec2f64c539049afec904cf30fecadb00498796248f324e3dac05b65983

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN ALLOW-FROM https://www.dashoefer.de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 09:17:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Jul 2016 07:29:56 GMT
Server: lighttpd/1.4.53
ETag: "1589620885"
X-Frame-Options: SAMEORIGIN ALLOW-FROM https://www.dashoefer.de
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Accept-Ranges: bytes
Content-Length: 1925
Expires: Wed, 15 Jun 2022 09:17:06 GMT

GET
H/1.1

200
OK

checkimage.php
gemini.dashoefer.de/cemopen/
Redirect Chain

http://gemini.dashoefer.de/cemopen/pruefbild.php?adresse=4284586&email=kristina.seitz%40heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=4284586&email=kristina.seitz@heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$

35 B
234 B

51ms
49ms

Image
image/gif

5.159.58.60
TLN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=4284586&email=kristina.seitz@heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
Requested by: Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569
Protocol: HTTP/1.1
Server: 5.159.58.60 Lüneburg, Germany, ASN59507 (TLN-AS, DE),
Reverse DNS
Software: Apache / PHP/8.0
Resource Hash: cfd2d78ecbf22c168ce6b2f16d92b89871fe94774ae8d0887efe5b53cfe5dd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 09:17:06 GMT
Server: Apache
X-Powered-By: PHP/8.0
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: http://gemini.dashoefer.de/cemopen/checkimage.php?adresse=4284586&email=kristina.seitz@heraeus.com&ap=104244527&utm_source=PC1-ARB_XS-AM-EP&utm_medium=cem&utm_campaign=$cname$&wa=$cname$
Date: Mon, 16 May 2022 09:17:06 GMT
Server: Apache
X-Powered-By: PHP/8.0
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 93dAo2MlvV_794450776_2826063_1147_4128125.gif
email.dashoefer.de/mo/ 43 B
245 B 52ms
21ms Image
image/gif 217.175.192.43
NEXTLAYER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://email.dashoefer.de/mo/93dAo2MlvV_794450776_2826063_1147_4128125.gif
Requested by: Host: email.dashoefer.de
URL: https://email.dashoefer.de/u/gm.php?prm=93dAo2MlvV_794450776_2826063_1147&_esuh=_11_c4643288a7e7f899fe0fc2fb810f250b623d4b3ae800d8a9b419709282bcd569
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.175.192.43 , Austria, ASN1764 (NEXTLAYER-AS, AT),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 09:17:06 GMT
x-hf: suite-haproxy01c
last-modified: Mon, 28 Mar 2022 09:18:07 GMT
x-fe: openfe02
content-length: 43
server: nginx
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://email.dashoefer.de/u/'https://fonts.googleapis.com/css?family=Open+Sans' Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	sandbox allow-popups allow-popups-to-escape-sandbox;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.dashoefer.de
fonts.googleapis.com
gemini.dashoefer.de
static.dashoefer.de
217.175.192.43
2a00:1450:4001:810::200a
5.159.58.60
0a70e55fd617f0c14df32c12ed645a7209be0dcaa41e1dd92b5abf645a840cf3
261e445df2949562f622153fa6b647d3dad875e365ec61c6a37ca41445256c42
88ab4f6b8705f33444f3664b40c18745975cc1a732e66abcc744a203e669aa2a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b58e95ec2f64c539049afec904cf30fecadb00498796248f324e3dac05b65983
cfd2d78ecbf22c168ce6b2f16d92b89871fe94774ae8d0887efe5b53cfe5dd0c

email.dashoefer.de Open in urlscan Pro 217.175.192.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

71 %HTTPS

33 %IPv6

2 Domains

4 Subdomains

3 IPs

2 Countries

17 kBTransfer

27 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

email.dashoefer.de Open in urlscan Pro
217.175.192.43 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

71 %
HTTPS

33 %
IPv6

2
Domains

4
Subdomains

3
IPs

2
Countries

17 kB
Transfer

27 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions